From owner-freebsd-acpi@FreeBSD.ORG Thu Oct 30 02:48:26 2008 Return-Path: Delivered-To: freebsd-acpi@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 05A47106567E for ; Thu, 30 Oct 2008 02:48:26 +0000 (UTC) (envelope-from soediro@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.168]) by mx1.freebsd.org (Postfix) with ESMTP id C911E8FC17 for ; Thu, 30 Oct 2008 02:48:25 +0000 (UTC) (envelope-from soediro@gmail.com) Received: by wf-out-1314.google.com with SMTP id 24so330137wfg.7 for ; Wed, 29 Oct 2008 19:48:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=FG0Yfus+E9c74GVJKEH8v1u66CsO8N9S2MP0ItES0Rw=; b=r+y5I20UDnasUSgdLp+LZYK/aK6IKlDQxP/WYxiF3+vWNE1FGSqMbU+loOH6i6fE0B omwcrAogl65a7WC74k26IV8o14Qya3gJ692id3NyTAwhdRPtv8yNGhrLhReVlwHjY8dE v2xwHslaAjfphFiTPxbYiWD2jW94r1cdsoCu0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=pO39c5BHBkT1u7Ng6h7SwzAOwmn5YpE8amgGYVvIFU1Z42ELOJbDX6rdR8JIxzXcPL m8UnQtwEZ/zlxRKzFc1VfNgLru+02TeyyVRS8LnwmqI3RoH3QDpJFh5jflg1y733JbS/ O2ZmLqdBZqK2gYmoQeE3mE1KC1vO4SxzSZMBg= Received: by 10.142.223.20 with SMTP id v20mr4369248wfg.81.1225333329066; Wed, 29 Oct 2008 19:22:09 -0700 (PDT) Received: by 10.142.191.1 with HTTP; Wed, 29 Oct 2008 19:22:09 -0700 (PDT) Message-ID: <41fb1abc0810291922r239289e5ubb033e687d09bd5b@mail.gmail.com> Date: Thu, 30 Oct 2008 09:22:09 +0700 From: sudiro To: freebsd-acpi@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: router and inline proxy problem in FreeBSD 7.0 RELEASE X-BeenThere: freebsd-acpi@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: ACPI and power management development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Oct 2008 02:48:26 -0000 I've been setting up router & proxy in a single machine. With additional kernel configuration as follows: options IPFIREWALL options IPDIVERT and "unsecured" firewall /usr/local/etc/firewall.conf as: add divert natd all from any to any via sk0 add allow all from any to any with above configuration and some additional parameter at /etc/rc.conf, I can't connect directly from my LAN to the internet or ICMP request to my ISP or run tracert in DOS box, except the browser which has to be set using proxy connection first. I've read the official documentation and some related books both FreeBSD and Squid. but remain the same. is there anything left? I'm using 2 NIC. one facing the internet (connect to my ISP using static IP), another facing my LAN. Thank's