Date: Tue, 1 Jun 2004 15:06:21 +0400 From: "Igor Dombrovan" <igor@chorus.ru> To: <freebsd-questions@freebsd.org> Subject: Policy-based transparent proxying Message-ID: <20040601105524.65E9488C90@mail.chorus.ru>
next in thread | raw e-mail | index | archive | help
Hi guys Suppose my FreeBSD machine is a router/firewall for a small private network and I use transparent proxying. ipnat.conf looks like this : rdr fxp0 192.168.0.254/32 port 80 -> 192.168.0.254 port 8000 tcp rdr fxp0 0/0 port 80 -> 192.168.0.254 port 3128 tcp map dc0 192.168.0.0/24 -> x.x.x.x/32 proxy port ftp ftp/tcp map dc0 192.168.0.0/24 -> x.x.x.x/32 portmap tcp/udp auto map dc0 192.168.0.0/24 -> x.x.x.x/32 fxp0 being the internal iface and dc0 the external one Now suppose I shall have one more subnet - 192.168.1.0/24 and I want to nat it to another external IP address and make it use a different proxy. With nat it's rather clear but as to using a separate proxy - man 5 ipnat and practice says I can't use "from" clause in rdr. Any ideas (except switching to ipfw) ? Thanks all for your attention Igor
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040601105524.65E9488C90>