From owner-freebsd-pf@FreeBSD.ORG Wed Dec 6 15:22:52 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4856916A47C for ; Wed, 6 Dec 2006 15:22:52 +0000 (UTC) (envelope-from gergely.czuczy@harmless.hu) Received: from marvin.harmless.hu (marvin.harmless.hu [195.56.55.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id C687E43CBD for ; Wed, 6 Dec 2006 15:21:37 +0000 (GMT) (envelope-from gergely.czuczy@harmless.hu) Received: from localhost (marvin-mail [192.168.0.2]) by marvin.harmless.hu (Postfix) with ESMTP id B28CC7BFCE8; Wed, 6 Dec 2006 16:22:21 +0100 (CET) X-Virus-Scanned: by amavisd-new-2.4.2 (20060627) (Debian) at harmless.hu Received: from marvin.harmless.hu ([192.168.0.2]) by localhost (marvin.harmless.hu [192.168.0.2]) (amavisd-new, port 10024) with ESMTP id hc7x4zV3ltPT; Wed, 6 Dec 2006 16:22:15 +0100 (CET) Received: from marvin.harmless.hu (localhost [127.0.0.1]) by marvin.harmless.hu (Postfix) with ESMTP id 7C39F7BFCE5; Wed, 6 Dec 2006 16:22:15 +0100 (CET) Date: Wed, 6 Dec 2006 16:22:14 +0100 From: Gergely CZUCZY To: "Roger Miranda (Digital Relay)" Message-ID: <20061206152214.GA95527@harmless.hu> References: <200612060916.53866.rmiranda@digitalrelay.ca> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=x-unknown; protocol="application/pgp-signature"; boundary="DocE+STaALJfprDB" Content-Disposition: inline In-Reply-To: <200612060916.53866.rmiranda@digitalrelay.ca> User-Agent: mutt-ng/devel-r804 (FreeBSD) Cc: freebsd-pf@freebsd.org Subject: Re: PF rdr from one port to another X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Dec 2006 15:22:52 -0000 --DocE+STaALJfprDB Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 06, 2006 at 09:16:52AM -0600, Roger Miranda (Digital Relay) wro= te: > Hey Everyone, First time poster here. >=20 > I have a freebsd 6.1 setup with if_bridge. Two nics. > I am running squid on the bridge itself. >=20 > I having some issues doing the routing with PF. > i have: >=20 > rdr on $int_if inet proto tcp from $net to any port www -> $proxy port 31= 28 is $int_if the internal or the bridged interface? what is $proxy? > pass in log all keep state > pass out log all keep state it'd be wise to specify interfaces also here. > Now fromt the workstation I type in "http://slashdot.org" and it see pass= =20 > through squid, but now it is trying to connect to "http://slashdot.org:31= 28" what is "it" that conects to :3128 ? 1) it =3D=3D the client 2) it =3D=3D the squid proxy Bye, Gergely Czuczy mailto: gergely.czuczy@harmless.hu --=20 Weenies test. Geniuses solve problems that arise. --DocE+STaALJfprDB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) owFtVM+LFEcUXn8RKPQgSY6Bx7D4c7q3p2Xb2ZbZVXfWNYJJkAUJwUhN95vuYnuq 2qrX09t60KOIhxC8iKDXRBBE/B+85ZxDDvkf8g/kdY+7+YHQh65X733v+75XVT+d OLJ0+ORvb9//cP7pzy8OvTk6mJybVUQ682bSzpX2BkEw8NZWV8OLXuSFw0mUopSR TIbRWrg1//PUptGEmrydpsQYCPdopSyk0pcgyaV1SKOKpt5Q7OeNlSuNU6SMjkHp Qmk82NuxUrspWm9LJyZVOovhXmUIU6+0SpOcFCjEtxpuY9qHMSYQRH0IgyACSRCs xYMoXg2v3AQviIKgD7dMhhZuKkZNJZwZq0yRLOAWFrI5C7U1I0EYi3W4jg1szdE2 RmMfrinrCEjNEJgpMUSOFn2xPgoDTv4acjlHkDC1iBOXQuQPgHVWJdSKclDTuxOr 0gx92KkNaJU4vyuTM7CV1iwL3L1KpWA0UI6wyAZFDovpf9t0uYaJKOcqdJCaNtIW WVNR+9+1/O5a20F1xOJ9AJvatsMyG3dXTdlqJCitIQOUlEzezGC5jXFA6oalWoK6 rsFbh2XO2/sYujAYiXAolDtAatvzL1rNZhr7Lw3pIj6VCW6IOuehtGUd2AYzKqVz nAGFyUAWBewiluBIEu5vsqhP7So6ncIEWazDlq8rMVHT5p9ujiuc+TgnBvvG1J1C 6sjVxu62QHzk2Fbig9qy6OVEZbyy4grp8tSQb2zWYytYBPE8sWM0EgszKWfDs3wx uD5MmKfmHqpTSLbpxmIgMVpj0nn6Kfh4YWbvwJueoh5j84IrudC1lZwVDmFDDM62 +KMLY/46HUmh+JaI8P/xxWnqbBbiaoN9IbbRZlg0sHm/Su43YiZVQSaGbBH2ky58 mS/orEDn/LwSwvNaqbcRtWI/CR35sM2LyvHSmYLPPLfgKzhzC8rS8jh88XjjyLGl 9iXYf0VOHn72y9KrGx+OP//jzutj2y8fvNt14y+94a/l0qsfHz386vcvTm1+tpcJ nP915/sn7z7/Gw== =Jg8o -----END PGP SIGNATURE----- --DocE+STaALJfprDB--