Date: Sun, 16 Dec 2012 08:46:30 +0100 From: Leslie Jensen <leslie@eskk.nu> To: Damien Fleuriot <ml@my.gd> Cc: freebsd questions list <freebsd-questions@freebsd.org> Subject: Re: Anyone using squid and pf? Message-ID: <50CD7C56.1000303@eskk.nu> In-Reply-To: <CAE63ME6NOY0XFNteK=-YOy_NT7j-xLxFd4YETpTvLBTp7gh47w@mail.gmail.com> References: <50B0EA28.7060904@eskk.nu> <50B338B2.3090600@gmail.com> <50B3B788.6040801@eskk.nu> <50B3D603.6050904@gmail.com> <50B52A1A.6070103@eskk.nu> <CAE63ME6NOY0XFNteK=-YOy_NT7j-xLxFd4YETpTvLBTp7gh47w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Damien Fleuriot skrev 2012-11-29 00:28: > > > # 1/ redirect web traffic to the proxy $proxy on port $proxyport > rdr in on $int_if inet proto tcp from !$proxy to any port 80 -> $proxy > port $proxyport tag rdr_proxy > > # 2/ redirect FTP traffic to the ftp-proxy running on the local > machine on port 8021 > rdr in on $int_if inet proto tcp from $int_if:network to any port 21 > -> 127.0.0.1 port 8021 tag rdr_ftp > > # 3/ access rule to allow traffic from the local net to your proxy > pass in quick on $int_if inet proto tcp flags S/SAFR tagged rdr_proxy > > # 4/ access rule to allow traffic from the local net to your FTP proxy > pass in quick on $int_if inet proto tcp flags S/SAFR tagged rdr_ftp > > # 5/ access rule to allow your proxy to do whatever it wants in a very > limited fashion > pass in quick on $int_if inet proto tcp from $proxy to any port { 80 > 443 } flags S/SAFR > > Hello Damien I'm concentrating on getting the web traffic to work first. I've changed rule #1 as you can see below but pf returns a syntax error. # redirect www trafic to proxy rdr in on $int_if inet proto tcp from !$proxy to any port $proxy_services -> $proxy $proxyport tag rdr_proxy My variables are: proxy = "172.18.0.1" proxy_services = "{ 21, 80 }" proxyport="8080" Am I supposed to ad rule #5 as well or is it a suggestion? Thanks /Leslie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50CD7C56.1000303>