From owner-freebsd-ipfw@FreeBSD.ORG Sat Feb 12 20:24:56 2005 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B18E716A4CE for ; Sat, 12 Feb 2005 20:24:56 +0000 (GMT) Received: from gatekeeper.radio-do.de (gatekeeper.Radio-do.de [193.101.164.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64BE343D2F for ; Sat, 12 Feb 2005 20:24:55 +0000 (GMT) (envelope-from fn@radio-do.de) Received: by gatekeeper.radio-do.de (Milliard Gargantubrain Mail Daemon, from userid 65534) id 5B45141C47; Sat, 12 Feb 2005 21:24:49 +0100 (CET) Received: from [IPv6:2001:600:1032:666::7] (pbook.radio-do.de [IPv6:2001:600:1032:666::7])ESMTP id 2FD7841C2D; Sat, 12 Feb 2005 21:24:47 +0100 (CET) In-Reply-To: <20050211231127.54471.qmail@web52410.mail.yahoo.com> References: <20050211231127.54471.qmail@web52410.mail.yahoo.com> Mime-Version: 1.0 (Apple Message framework v619.2) Content-Type: text/plain; charset=ISO-8859-1; format=flowed Message-Id: Content-Transfer-Encoding: quoted-printable From: Frank Nobis Date: Sat, 12 Feb 2005 21:24:36 +0100 To: =?ISO-8859-1?Q?Diego_Camarena_Gonz=E1lez?= X-Pgp-Agent: GPGMail 1.0.2 X-Mailer: Apple Mail (2.619.2) X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on gatekeeper.radio-do.de X-Spam-Level: X-Spam-Status: No, score=-5.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.0.1 cc: freebsd-ipfw@freebsd.org Subject: Re: Configuring ipfw with squid as a transparent proxy X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Feb 2005 20:24:56 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 12. Feb 2005 um 00:11 schrieb Diego Camarena Gonz=E1lez: > Does anyone knows how can i configure Squid as a Transparent proxy > using IPFW assuming that i have already configured Squid with Samba > authentication. > First you need a rule in IPFW like this one add 1000 fwd 127.0.0.1,3128 tcp from INET:IMASK to any 80 via IIF where INET:IMASK is my local network an IIF is my internal interface. and you need some specials in the squid conf like this: http_port 127.0.0.1:3128 forwarded_for off httpd_accel_with_proxy off httpd_accel_uses_host_header off httpd_accel_single_host off cache_effective_user nobody cache_effective_group nobody httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on Gru=DF Frank - --=20 Frank Nobis, Thielenstr. 12, 44369 Dortmund Q: Because it reverses the logical flow of conversation. A: Why is putting a reply at the top of the message frowned upon? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) iD8DBQFCDmYONTxD6oqBaVcRAgzMAJ481jvtAG9yheBd5HKN03h47GkSewCfV3KQ FiALyBUFl5jVIcBA4h7bL6I=3D =3D8ybB -----END PGP SIGNATURE-----