Date: Sun, 24 Dec 2000 04:37:54 +0100 From: Ron Scott <ron@kronos.HostUniverse.net> To: Kathy Quinlan <katinka@magestower.com> Cc: freebsd-questions@FreeBSD.org Subject: Re: PROXY SERVERS Message-ID: <20001224043754.A18057@kronos.hostuniverse.hu> In-Reply-To: <002501c06d54$b1fb70e0$fe00a8c0@wskatinka>; from katinka@magestower.com on Sun, Dec 24, 2000 at 10:53:24AM %2B0800 References: <002501c06d54$b1fb70e0$fe00a8c0@wskatinka>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 24, 2000 at 10:53:24AM +0800, Kathy Quinlan wrote: > Hi all > > I need a proxy server to handle traffic from multiple machines to the net. > The reason we need one is for IRC DCC's and ICQ :o) You can use NAT, natd or ipnat. This isn't a proxy, but it should work with irc, httpd, ftp, etc., and it's transparent for the client. To use ipnat, put this in your kernel config and make a new kernel: ---------- options IPFILTER # -- ipmon(8) logging if you want options IPFILTER_LOG # -- default is pass anything, this reverses it, use with care #options IPFILTER_DEFAULT_BLOCK ---------- Edit /etc/natrules: ---------- map fxp0 10.1.1.0/24 -> 195.228.16.17/32 portmap tcp/udp 1024:65535 map fxp0 10.1.1.0/24 -> 195.228.16.17/32 ---------- `fxp0' is the interface name (see ifconfig output) on the internet `10.1.1.0/24' is the internal network/mask `195.228.16.17/32' is the IP address/mask from `fxp0' For ipfilter (ipf) you need a site specific configuration. You can start with this (/etc/ipf.conf) if you haven't one: ---------- block in log quick from any to any with ipopts block in log quick proto tcp from any to any with short pass in all pass out all ---------- Start ipfilter: ipf -E -f /etc/ipf.conf and after, start ipnat with: ipnat -f /etc/natrules List filters and active sessions: ipnat -ls See ipf(8), ipnat(1) for more info. Hope this helps and happy holydays for everyone, -Ron > > Any help appreciated, > > Kathy. > > Ps have looked at relay (no man page) and proxy (not much info) > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- UNIX was never designed to keep people from doing stupid things, because that policy would also keep them from doing clever things. (Doug Gwyn) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001224043754.A18057>