From owner-freebsd-pf@FreeBSD.ORG Wed Feb 23 15:31:14 2005 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6D3B516A4CE; Wed, 23 Feb 2005 15:31:14 +0000 (GMT) Received: from hermes.niicommunications.com (hermes.niicommunications.com [207.207.35.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id A1BCE43D45; Wed, 23 Feb 2005 15:31:13 +0000 (GMT) (envelope-from jhunt@niicommunications.com) Received: from ASSP-nii (localhost.niicommunications.com [127.0.0.1]) id j1NFVCns059952; Wed, 23 Feb 2005 09:31:12 -0600 (CST) Received: from 207.207.35.35 ([207.207.35.35] helo=[192.168.2.5]) by ASSP-nii ; 23 Feb 05 15:31:12 -0000 User-Agent: Microsoft-Entourage/11.0.0.040405 Date: Wed, 23 Feb 2005 09:31:11 -0600 From: Jason Hunt To: Message-ID: In-Reply-To: <421B66E5.7020402@raxion.net> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit cc: pf@freebsd.org Subject: pf Transparent Proxy Return X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Feb 2005 15:31:14 -0000 Greetings, Pretty new to pf, but was wondering how it would be possible to redirect traffic to a specific site back to port 80 instead of going through 3128. Using iptables, it is pretty much like so: $IPTABLES -t nat -I PREROUTING -p tcp --dport 80 -d x.x.x.x/32 -j RETURN Also in iptables, I could exclude a specific IP from even going through the proxy: $IPTABLES -t nat -I PREROUTING -p tcp -s 192.168.x.x --dport 80 -j RETURN I'm sure this can be done through pf, but was wondering what exactly the rule would be. Is there any good books out on pf? Or does one believe the man pages from online are good enough to get a good understanding. Thanks for the help.