From owner-freebsd-net Fri Dec 6 6:10:56 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3D89137B401; Fri, 6 Dec 2002 06:10:55 -0800 (PST) Received: from darkstar.wavenet.com.br (darkstar.wavenet.com.br [200.223.81.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 39D0C43E4A; Fri, 6 Dec 2002 06:10:54 -0800 (PST) (envelope-from jcrr@ieee.org) Received: (from root@localhost) by darkstar.wavenet.com.br (8.12.6/8.12.2) id gB6ECYDe039246; Fri, 6 Dec 2002 12:12:34 -0200 (BRST) Received: from mobile (acc-01-1E.radio.wavenet.com.br [200.223.81.30]) by darkstar.wavenet.com.br (8.12.6/8.12.2av) with SMTP id gB6ECUom039237; Fri, 6 Dec 2002 12:12:33 -0200 (BRST) Message-ID: <037701c29d39$85fecc00$1e01a8c0@mobile> From: "Joao Carlos" To: Cc: Subject: Squid and NATD with Redirect of ports Date: Fri, 6 Dec 2002 12:09:49 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm having the following problem. FreeBSD 4.7-STABLE (but with any version it does not work either) I've a FreeBSD connected to a cable network, with only one IP Address. My FreeBSD has three network cards. One is connected to my internal network, other is connected to the cable, and the other is connected to a server that has some serves something to the Internet. I'm using IPFIREWALL and NATD, and without squid everything works fine. But I have to use SQUID + SQUIDGUARD to block some content and urls. The problem is: When the client is using squid, it requests www.somesite.com that is hosted at the server conected to this FreeBSD and has a non valid IP address. External access works because NATD redirects the port 80 to the internal address, but SQUID, that is located at the firewall, resolves the www.somesite.com to the local ip address and tries to connect to the localhost port 80. It does not pass the packets to the natd to redirect because it is a local ip address. Then i get Connection Refused because there is no web server at the firewall. Any ideas how i can solve this problem? I really need the clients using the squid at the IE configuration. Thanks. --- Joao Carlos jcrr@ieee.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message