From owner-freebsd-pf@freebsd.org Thu Jun 16 08:45:56 2016 Return-Path: Delivered-To: freebsd-pf@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 21892A44A31 for ; Thu, 16 Jun 2016 08:45:56 +0000 (UTC) (envelope-from atar.yosef@gmail.com) Received: from mail-wm0-x233.google.com (mail-wm0-x233.google.com [IPv6:2a00:1450:400c:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A5BB8175E; Thu, 16 Jun 2016 08:45:55 +0000 (UTC) (envelope-from atar.yosef@gmail.com) Received: by mail-wm0-x233.google.com with SMTP id k184so30750501wme.1; Thu, 16 Jun 2016 01:45:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=references:mime-version:in-reply-to:content-transfer-encoding :message-id:cc:from:subject:date:to; bh=x/dr0/wpkKim+ugtvS0pV+pME0VZ9Kv7BfiYlfB+6zQ=; b=o4hHruMjHez4fO4pe5NyQLn/RQ54l7J6VM28getbj7XijyvGou8TObX6HhyO6E5biZ edEJm3YCcdZy7r8YhpiyQKvfou9L+QXJZFlLNjAi5mFG0s+dSVYovJkZz6PLgYSLbf5U JCuT6BikzebTJij1hJO9Sl9PZtzG7CmxlKgkN0DcA1SnopkQZfLuQkKMePbHahG5kexy 7yG3YFA4BN92oDODv+Y/DETgvtDwHTyKp2N5MB2Z45Jsg04BlbBJ2DNCN/cvuaO/DCMz gn1jelv5yg5k+Fq/E59KwDWknVKtIGo+5QEtkAoi9yxugcmkiKyj2rN1klYWNe5p1FZ3 S7FQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:references:mime-version:in-reply-to :content-transfer-encoding:message-id:cc:from:subject:date:to; bh=x/dr0/wpkKim+ugtvS0pV+pME0VZ9Kv7BfiYlfB+6zQ=; b=lUeS+cZiqSlYVW+qrH4XhQekeSfaaSflFZszVvBQM9H4Jq27KodSFSPH5kSYMGUP5R OQUSGZWZHzEJToGLGXpXjNidhraEPEENqwllkqUwyo9aeSCGerWcgB0jMheDdM8HRTJQ KkJhHsqPRCy9O6mGxl8HsNpfF40v0oRtMq9oEwfmFRxBqXvNPeDe1+sC639UBO30Ub2T 38lKX+XqEv0/gHvdRHYDhjCbLyizKy1BF02runYXchsjd84Mt6ByUEsvoO3eZQLdZoSR uAvYnAjaJWoEUzCzP1bpqKbuTQvhL/SuVYzAmLR0tyVISPn49jUBwESY69Y48Ax6cxH6 vtwg== X-Gm-Message-State: ALyK8tLpjMApb0RCkJQHEKtZlPhhp/z0YrPTuYOtkLcC69ywKATvyVJEjEWnYLSWLYZESQ== X-Received: by 10.28.167.69 with SMTP id q66mr3533564wme.100.1466066753894; Thu, 16 Jun 2016 01:45:53 -0700 (PDT) Received: from [192.168.20.5] ([212.29.194.245]) by smtp.gmail.com with ESMTPSA id u71sm13696857wmu.13.2016.06.16.01.45.53 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 16 Jun 2016 01:45:53 -0700 (PDT) References: <5858A82C-FB66-4D67-A676-47EABED976CE@gmail.com> <57600481.6080204@quip.cz> <08195C33-DC97-4ADD-9C0A-D9493E2C29F7@gmail.com> <57602DEC.6080201@quip.cz> <969F8F1C-E992-4F47-89F9-759FD8CE2B91@gmail.com> <20160614202243.GA81528@in-addr.com> <545E509D-7851-4D1E-9547-2B20D36DD04E@gmail.com> <57625D52.1030607@quip.cz> Mime-Version: 1.0 (1.0) In-Reply-To: <57625D52.1030607@quip.cz> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Message-Id: Cc: Gary Palmer , "freebsd-pf@freebsd.org" X-Mailer: iPod Mail (10B500) From: atar Subject: Re: Filter connections based on the hostname. Date: Thu, 16 Jun 2016 11:45:48 +0300 To: Miroslav Lachman <000.fbsd@quip.cz> X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jun 2016 08:45:56 -0000 > atar wrote on 06/16/2016 09:15: >=20 > [...] >=20 >>> www.google.com DNS TTLs are 5 minutes so you shouldn't have to worry >>> about the IP changing in less then a minute UNLESS your PF firewall >>> and your browser use different DNS servers and could therefore get >>> different answers >>>=20 >>> Regards, >>>=20 >>> Gary >>=20 >> Can you give me any hint how to cause PF to redirect all the traffic thro= ugh the squid proxy? I'm pretty new in them both (PF and squid). >=20 > You can find basic config here > http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdPf >=20 > Squid can be installed from ports / packages > http://www.freshports.org/www/squid/ >=20 > Miroslav Lachman Thanks you very much! I hope I'll find it helpful.=