From owner-freebsd-newbies@FreeBSD.ORG Thu Jul 22 14:25:55 2004 Return-Path: Delivered-To: freebsd-newbies@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4B84016A4CE for ; Thu, 22 Jul 2004 14:25:55 +0000 (GMT) Received: from fawkes.compudoc.za.net (myw-stp-196-34-113-10.sentechsa.net [196.34.113.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 26B2043D67 for ; Thu, 22 Jul 2004 14:25:54 +0000 (GMT) (envelope-from godfrey@compudoc.co.za) Received: from mail.compudoc.za.org ([209.203.2.69]) by fawkes.compudoc.za.net with esmtp (Exim 4.34 (FreeBSD)) id 1BneW5-0007Cw-VT for freebsd-newbies@freebsd.org; Thu, 22 Jul 2004 16:25:50 +0200 Received: from [192.168.0.11] (port=1342 helo=goddies.compudoc.co.za) by mail.compudoc.za.org with asmtp (Exim 4.34 (FreeBSD)) id 1BneUi-0009Fk-6J for freebsd-newbies@freebsd.org; Thu, 22 Jul 2004 16:25:47 +0200 Message-Id: <6.1.2.0.0.20040722160152.027365a8@office.compudoc.za.org> X-Sender: godfrey@compudoc.za.org@office.compudoc.za.org X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Thu, 22 Jul 2004 16:25:25 +0200 To: freebsd-newbies@freebsd.org From: Compu-Doc Godfrey Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Warning: Reverse lookup for 209.203.2.69 failed to verify Subject: Traffic from port 80 X-BeenThere: freebsd-newbies@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Gathering place for new users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jul 2004 14:25:55 -0000 Hello I am trying to send all web traffic ie all browsing traffic sent to/via our office squid server. My ultimate aim is to put web guard on the squid server and see who is browsing rather than working :-)) What I am trying to achieve is a member of staff tries to browse the net and does not set the proxy on their pc for what ever reason their traffic gets directed to the proxy server I tried the following in the rc.firewall script /sbin/ipfw add 8500 deny tcp from any to any 80 via fxp0 Which deny's all port 80 traffic and stop's the browsing but then I cant do wget sessions from inside the firewall so the above is not satisfactory. The next thing I tried on the fire wall was redirect_port tcp 127.0.0.1:80 3128 redirect_port tcp 127.0.0.1:80 8080 But that does not help as it seems the sending pc was using ports like 2667 to port 80 on the respective web server. I would really appreciate any help with this problem thanks Kind Regards Godfrey ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Compu-Doc On-Line - http://www.compudoc.co.za Striving To Serve You Better ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Godfrey J. Hamshire Compu-Doc On-Line 10 Perth Place Umbilo Durban 4001 Phone 031 4659009 Fax 031 4651998 Cell 083 773 8776 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Katsumoto: A perfect blossom. You could spend your whole life searching for one, and it would not be a wasted life. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~