Date: Mon, 4 Aug 2003 09:45:37 -0700 From: fbsdquestions@worldinternet.org To: freebsd-questions@freebsd.org Subject: Re: ipfw - natd - squid - 3 Nic's - 1 FBSD 5.1 server and routing question Message-ID: <1060015537.e743e870853e2@mail.worldinternet.org> In-Reply-To: <20030804144724.GC7562@happy-idiot-talk.infracaninophile.co.uk> References: <1060003482.e2623ffc060f8@mail.worldinternet.org> <20030804144724.GC7562@happy-idiot-talk.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Matthew Seaman <m.seaman@infracaninophile.co.uk>: | On Mon, Aug 04, 2003 at 06:24:42AM -0700, fbsdquestions@worldinternet.org | wrote: <SNIP> | This sounds to me like a policy based routing problem -- googling for | "policy based routing FreeBSD" in Google Groups should prove | informative. | | However, the mechanism is basically the same as you've used to | implement your transparent proxy. All you need to do is insert | another rule to trap the port 80 traffic coming out of Squid and send | the packets to the next-hop gateway on your rl2 interface. That | presumably has it's default route set via the cable network. | | Something like: | | 00500 fwd 10.24.207.254 tcp from me to any 80 Matthew, Thanks, It seems to solve the problem. | | (assuming that 10.24.207.254 is the router address in the cable | companies' network.) Since your Squid is already using a Cable | Co. address as the source address on any outgoing packets this should | cause all in- and out-going HTTP traffic to pass via the Cable | Co. network. Indeed they do. Thanks again. ed -------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1060015537.e743e870853e2>