Date: Fri, 15 Feb 2002 08:24:03 +0700 From: budsz <budsan02@bdg.centrin.net.id> To: C J Michaels <cjm2@earthling.net> Cc: freebsd-stable <freebsd-stable@FreeBSD.ORG> Subject: Re: Transparant proxy Message-ID: <20020215082403.C17774@bdg.centrin.net.id> In-Reply-To: <1096.10.0.0.254.1013730182.squirrel@mail.lan.27in.tv> References: <20020214162842.GA19623@leviathan.inethouston.net> <1096.10.0.0.254.1013730182.squirrel@mail.lan.27in.tv>
next in thread | previous in thread | raw e-mail | index | archive | help
--Md/poaVZ8hnGTzuv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 14, 2002 at 06:43:02PM -0500, C J Michaels wrote: >1. What's happening? If I use rule ipfw in my posted email, it's no effect that's mean with that rule or not my client can browse to the internet. >2. Are you running squid? or what particular proxy software are you using? Yes, I use squid with ./configure enable transparent proxy of couse. >3. Does the proxy work when the browser is configured to directly using >the proxy (not transparent) and the above firewall rules are not >implemented. Yes, proxy server and ipfw rule work fine. I mean with proxy or without proxy anybody can browse to the internet. that's my problem, I want my client if browsing without proxy they shouldn't connect to the internet. >4. What firewall type is configured in /etc/rc.conf, and where in said >file are the above listed ipfw rules? Ops...I don't use type of firewall in /etc/rc.conf maybe only like : firewall_enable=3D"YES" firewall_script=3D"/etc/rc.firewall" >I think your forward rules are too broad. You are forwarding any traffic >destined for port 80 to the transparent proxy, no matter what. >Assuming your network is 192.168.0.0/24 try this rule... >add 3002 fwd 192.168.0.88,7080 tcp from 192.168.0.0/24 to any 80 OK. thanks you --=20 budsz --Md/poaVZ8hnGTzuv Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8bGMy9kxLTmJpUwQRAju4AJ90bhC8rA9YToBxB9TkDmfIaY1iJwCfY7hG Ih6b8a445rdCwiwlr57HWj8= =PgQY -----END PGP SIGNATURE----- --Md/poaVZ8hnGTzuv-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020215082403.C17774>