From owner-freebsd-ipfw Thu Jun 27 10:12:18 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from malkav.snowmoon.com (malkav.snowmoon.com [209.23.60.62]) by hub.freebsd.org (Postfix) with SMTP id 5214937B405 for ; Thu, 27 Jun 2002 10:12:13 -0700 (PDT) Received: (qmail 7240 invoked from network); 27 Jun 2002 17:12:01 -0000 Received: from localhost.snowmoon.com (HELO localhost) (127.0.0.1) by localhost.snowmoon.com with SMTP; 27 Jun 2002 17:12:01 -0000 Date: Thu, 27 Jun 2002 13:12:01 -0400 (EDT) From: Jaime To: freebsd-ipfw@freebsd.org Subject: ipfw fwd and bridging Message-ID: <20020627130511.J7217-100000@malkav.snowmoon.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I'm trying to put a new FreeBSD 4.6 firewall + filtering proxy into the network at my job. (Damn CIPA....) I tried to do this with bridging, but I couldn't get "ipfw add 10000 fwd 127.0.0.1,8080 tcp from any to any 80" to work the way that I expected. The man page seems to indicate that fwd and bridge are incompatible. Is this true? I ended up re-designing the firewall as a routing firewall and used ipfw fwd --> transproxy --> dansguardian --> squid. Now the /var/log/dansguardian.log file lists all requests as coming from 127.0.0.1 for obvious reasons. This means that I can't use /usr/local/etc/dansguardian/exceptioniplist to allow certain computers to bypass the web filters. So I'd kind of like to remove transproxy, too. :) Not an ipfw issue per se, but if anyone out there has some pointers I'd love to hear them. :) Jaime To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message