From owner-freebsd-net@FreeBSD.ORG Tue Jun 21 06:32:39 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9947F16A41C for ; Tue, 21 Jun 2005 06:32:39 +0000 (GMT) (envelope-from fooler@skyinet.net) Received: from smtp1.skyinet.net (smtp1.skyinet.net [202.78.97.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 58BA743D49 for ; Tue, 21 Jun 2005 06:32:39 +0000 (GMT) (envelope-from fooler@skyinet.net) Received: from fooler (fooler.ilo.skyinet.net [202.78.118.66]) by smtp1.skyinet.net (Postfix) with SMTP id 728D0583C8; Tue, 21 Jun 2005 14:32:14 +0800 (PHT) Message-ID: <048601c5762a$fe534060$42764eca@ilo.skyinet.net> From: "fooler" To: , "Ryan Rathje " References: <50401020510511701@webmail.iastate.edu> Date: Tue, 21 Jun 2005 14:32:17 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Cc: Subject: Re: transparent Squid 2.5Stable10 + FreeBSD 5.3 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jun 2005 06:32:39 -0000 ----- Original Message ----- From: "Ryan Rathje " To: Sent: Monday, June 20, 2005 11:40 PM Subject: transparent Squid 2.5Stable10 + FreeBSD 5.3 > ipfw add allow all from any to 192.168.1.2 80 > ipfw add fwd 192.168.1.2 tcp from any to 192.168.1.2 3128 > ipfw add fwd 192.168.1.2,3128 tcp from any to any 80,82,3128 out recv > 192.168.1.2 xmit 129.186.215.57 > > My gut feeling is it has something to do with my ipfw rules, any and ALL help > would get GREATLY appreciated. thanks yup your gut feeling is correct :-> you dont need to enable IPFILTER if you use IPFW... your simple ipfw rule for transparent proxy looks like this: ipfw add fwd 127.0.0.1,3128 tcp from any to any 80 in via fooler.