From owner-freebsd-questions@FreeBSD.ORG  Sun Oct  5 22:42:34 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 01F4B16A4B3
	for <freebsd-questions@freebsd.org>;
	Sun,  5 Oct 2003 22:42:34 -0700 (PDT)
Received: from ctb-mesg3.saix.net (ctb-mesg3.saix.net [196.25.240.75])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1467743FBF
	for <freebsd-questions@freebsd.org>;
	Sun,  5 Oct 2003 22:40:31 -0700 (PDT)
	(envelope-from mark@netchat.co.za)
Received: from igate.org.za (rrba-bras-193-56.telkom-ipnet.co.za
	[165.165.193.56])
	by ctb-mesg3.saix.net (Postfix) with SMTP id C45FF3B82
	for <freebsd-questions@freebsd.org>;
	Mon,  6 Oct 2003 07:40:26 +0200 (SAST)
Received: (qmail 20343 invoked from network); 6 Oct 2003 05:37:54 -0000
Received: from unknown (HELO igate.org.za) (10.0.5.5)
  by igate.org.za with SMTP; 6 Oct 2003 05:37:54 -0000
Received: (qmail 3425 invoked from network); 6 Oct 2003 05:38:23 -0000
Received: from unknown (HELO mark.igate.org.za) (10.0.5.2)
  by igate.org.za with SMTP; 6 Oct 2003 05:38:23 -0000
Date: Mon, 6 Oct 2003 07:40:03 +0200
From: Mark Pearce <mark@netchat.co.za>
To: synrat <synrat@wirewalk.org>
Message-Id: <20031006074003.4851ebc9.mark@netchat.co.za>
In-Reply-To: <20031005233037.R18591@mail.wirewalk.com>
References: <20031005233037.R18591@mail.wirewalk.com>
Organization: Netchat
X-Mailer: Sylpheed version 0.9.3claws (GTK+ 1.2.10; i386-portbld-freebsd4.8)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: tranparent proxying, squid, nat, ipfw
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Oct 2003 05:42:34 -0000

On Sun, 5 Oct 2003 23:40:09 -0400 (EDT)
synrat <synrat@wirewalk.org> wrote:

> I'm having a hard time getting this working together.
> I have squid 2.5 stable working and with all the required
> setting for transparent proxying. The machine has the kernel with IPFW
> and forwarding options. NAT is on, firewall type is simple with some
> modifications. Internal interface address is 192.168.1.1. Squid runs
> fine when the browser is setup to access it, but the goal is not to
> have to do that.
> 
> http_port 3128
> httpd_accel_host virtual
> httpd_accel_port 80
> httpd_accel_with_proxy  on
> httpd_accel_uses_host_header on

Hi

Did you install squid with the following options?

#  - Enable Transparent
Proxy support for IP-Filter systems(incl 3.0)#CONFIGURE_ARGS+=
--enable-ipf-transparent

Mark