From owner-freebsd-questions Sat May 27 12:41:11 2000 Delivered-To: freebsd-questions@freebsd.org Received: from snoopy.brwn.org (intgw1.brwn.org [196.28.127.66]) by hub.freebsd.org (Postfix) with ESMTP id 4525337B6D6 for ; Sat, 27 May 2000 12:41:00 -0700 (PDT) (envelope-from willem@brwn.org) Received: from brwn.org (grumpy.brwn.org [192.168.1.10]) by snoopy.brwn.org (Postfix) with ESMTP id 1DA423ACA; Sat, 27 May 2000 21:40:55 +0200 (SAST) Message-ID: <393024C6.A1D707FA@brwn.org> Date: Sat, 27 May 2000 21:40:54 +0200 From: Willem Brown Organization: Brwn.ORG X-Mailer: Mozilla 4.7 [en] (X11; U; Linux 2.2.13 i586) X-Accept-Language: en MIME-Version: 1.0 To: Hank Wethington Cc: BSD Subject: Re: Transproxy not working? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, Someone else asked a question about transparent proxying. And they were pointed to this. http://www.squid-cache.org/Doc/FAQ/FAQ-17.html This might give you some idea on how to set it up. Hank Wethington wrote: > > Greetings all, > > I've been working with transproxy over the last couple of days and having a > little trouble with it and was hoping you could point me in the right > direction, as I have found very little written information about transproxy. > > First I suppose I should give you my config: > FreeBSD 3.4, running natd and IPFW over DSL. Routing for 3 internal machine > running win9x/2k. > This machine is also running as a mail server (qmail), FTP (NCFtp), and > small web server (apache) > > A friend of mine runs a proxy server that blocks porn. If I put it in each What proxy software is he using. Maybe it isn't set up to handle transparent proxying? > browser it works fine, but alas, too easy to get around. I had been looking > for a solution when a BSD friend of mine suggested transproxy. I installed > the latest build from the transproxy web site. I am running tproxy as a > standalone server. I have verified it is running (top) and verified it is > using port 81 (by trying to run it again with similar settings). Here is the > command that is running from rc.conf > > tproxy -s 81 -r nobody proxy.iolwest.com 80 > > The port for iolwest's proxy is 80 (verified through running the proxy > settings on Netscape). > > I've also added the following IPFW rules > > 00900 allow tcp from 192.168.1.0/24 to any 80 > 00910 fwd proxy.iolwest.com,81 tcp from any to any 80 > > Now I can still browse and do all other internet related tasks, but alas, I > still have access to porn, sites I know are blocked because they were > blocked when I ran the proxy in Netscape. I did a tcpdump, and it appears > that the packets are not being forwarded to tproxy. > > Have you seen this before? Did I screw up the configuration some how? Do I > understand the use of transproxy, that it should allow me to do this? > > Your help is greatly appreciated. > > Thanks, > > Hank Wethington > Information Logistics > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message Regards Willem Brown -- |--------------LINUX & *BSD, the CHOICE is yours--------------| To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message