Date: Thu, 01 Feb 2001 13:12:55 -0800 From: Julian Elischer <julian@elischer.org> To: mi@aldan.algebra.com Cc: questions@freebsd.org, net@freebsd.org Subject: Re: transparent proxying through a separate machine Message-ID: <3A79D157.A18270EB@elischer.org> References: <200102012103.f11L3nP50702@misha.privatelabs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
mi@aldan.algebra.com wrote:
>
> Hello!
>
> We have a single firewall machine and a _separate_ machine running
> squid proxy (both servers are on the same network wire).
>
> How do I catch all of the outgoing http requests and send them through
> squid?
>
> I tried
>
> ipfw add fwd squid,3128 tcp from any to any http
>
> but it does not seem to work -- squid never gets contacted. All of the
> recipes out there describe the setups with squid and the firewall being
> on the same machine. What else do I need to do? Thanks!
I assume squid is the name of the other machine?
you need to have the same rule in the ipfw on that machine too.
otherwise it will reflect the packet back at it's original destination
as it still has headers saying it wants to go there. (It's unaltered).
>
> -mi
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message
--
__--_|\ Julian Elischer
/ \ julian@elischer.org
( OZ ) World tour 2000-2001
---> X_.---._/
v
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A79D157.A18270EB>