Date: Mon, 16 Jun 2003 09:41:05 +1000 From: Andrew Thomson <ajthomson@optushome.com.au> To: Bill Moran <wmoran@potentialtech.com> Cc: freebsd-questions@freebsd.org Subject: Re: more transparent proxy and squid questions. Message-ID: <20030615234105.GD60583@athomson.prv.au.itouchnet.net> In-Reply-To: <3EE9D5DD.1090209@potentialtech.com> References: <20030613070438.GO15745@athomson.prv.au.itouchnet.net> <3EE9D5DD.1090209@potentialtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 13, 2003 at 09:47:09AM -0400, Bill Moran wrote: > > Yes. You've got the right idea. > hmm.. i have encountered some difficulties ;) so now i'm seeking some more advice.. i have the following rules on my firewall: 10561 skipto 11000 ip from 192.168.1.2 to any 10562 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 keeping in line with my example, 1=fwall, 2=squid, 3=user the skipto is in there so we go through nat and get a proper ip. i never see any packets get to the squid box though.. ipfw show indicates matching packets ipfw show 10561 10562 10561 5342 331306 skipto 11000 ip from 192.168.1.2 to any 10562 2520 120960 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 a tcpdump on the squid box looking out for port 3128 shows nothing, although the ipfw shows matches.. i'll keep digging around but any more tips would be appreciated on this setup. thanks, andrew.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030615234105.GD60583>