From owner-freebsd-questions  Sun Oct 27 19: 1:22 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7476337B401; Sun, 27 Oct 2002 19:01:21 -0800 (PST)
Received: from scorpio.DrkShdw.org (user205.net239.fl.sprint-hsd.net [209.26.20.205])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 5CD0343E3B; Sun, 27 Oct 2002 19:01:10 -0800 (PST)
	(envelope-from scorpio@drkshdw.org)
Received: from scorpio.drkshdw.org (jeff [192.168.1.2])
	by scorpio.DrkShdw.org (8.12.6/8.12.6) with ESMTP id g9S32AgQ034381;
	Sun, 27 Oct 2002 22:02:11 -0500 (EST)
	(envelope-from scorpio@drkshdw.org)
Message-Id: <5.1.1.6.0.20021027215426.00ba6ec8@mail.drkshdw.org>
X-Sender: scorpio@mail.drkshdw.org
X-Mailer: QUALCOMM Windows Eudora Version 5.1.1
Date: Sun, 27 Oct 2002 22:01:06 -0500
To: freebsd-isp@freebsd.org;, freebsd-questions@freebsd.org
From: Jeff Palmer <scorpio@drkshdw.org>
Subject: IPFW fwd doesn't seem to work
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Hello,


I run a small ISP in florida,  and have decided to implement a squid proxy.

I've got everything configured except the ipfw forward rule on the 
bridge/firewall.

The basic layout is    router <--->  bridge/firewall <--> switch to other 
servers


I've added a rule to allow traffic from the proxy machine, out to the internet.

ipfw add pass tcp from 123.123.123.123 to any 80

I then have a rule that is supposed to forward the other port 80 requests 
to another ip/port.

ipfw add fwd 123.123.123.124,3128 log tcp from 123.123.123.0/24 to any 80

Now,   /var/log/security shows the rule as matching but the proxy machine 
never see's the traffic.


Any ideas on what I'm doing wrong?

Jeff Palmer
http://www.pci2.net
http://boards.pci2.net






To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message