Date: Thu, 16 Jun 2016 14:38:41 +0300 From: atar <atar.yosef@gmail.com> To: Miroslav Lachman <000.fbsd@quip.cz> Cc: Gary Palmer <gpalmer@freebsd.org>, "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: Filter connections based on the hostname. Message-ID: <BCE7D6E6-0389-4674-98AF-4D67A6262268@gmail.com> In-Reply-To: <57625D52.1030607@quip.cz> References: <5858A82C-FB66-4D67-A676-47EABED976CE@gmail.com> <57600481.6080204@quip.cz> <08195C33-DC97-4ADD-9C0A-D9493E2C29F7@gmail.com> <57602DEC.6080201@quip.cz> <969F8F1C-E992-4F47-89F9-759FD8CE2B91@gmail.com> <20160614202243.GA81528@in-addr.com> <545E509D-7851-4D1E-9547-2B20D36DD04E@gmail.com> <57625D52.1030607@quip.cz>
index | next in thread | previous in thread | raw e-mail
> atar wrote on 06/16/2016 09:15: > > [...] > >>> www.google.com DNS TTLs are 5 minutes so you shouldn't have to worry >>> about the IP changing in less then a minute UNLESS your PF firewall >>> and your browser use different DNS servers and could therefore get >>> different answers >>> >>> Regards, >>> >>> Gary >> >> Can you give me any hint how to cause PF to redirect all the traffic through the squid proxy? I'm pretty new in them both (PF and squid). > > You can find basic config here > http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdPf > > Squid can be installed from ports / packages > http://www.freshports.org/www/squid/ > > Miroslav Lachman Hi and thanks for your willing to help. Unfortunately, I didn't succeed to redirect the network traffic through the squid server. I've putted the following line in my pf.conf: rdr pass inet proto tcp from any to any -> 127.0.0.1 port 3128 since the squid server is listening on port 3128, but the traffic isn't going through it. I've also verified that no traffic is redirected to port 3128 by running the command: nc -l 3128. I've no idea what is wrong here.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BCE7D6E6-0389-4674-98AF-4D67A6262268>