Date: Wed, 17 Sep 2003 21:07:29 -0400 From: "Bob Hall" <rjhjr@cox.net> To: freebsd-stable@freebsd.org Subject: Re: ipfw + trasnparent proxy Message-ID: <20030918010728.GB14063@kongemord.krig.net> In-Reply-To: <3F68D526.8080909@thepacific.net> References: <3F669753.4040205@thepacific.net> <20030916064224.GA90448@e-Gitt.NET> <20030916065615.GB5711@kongemord.krig.net> <3F6775D0.1030501@thepacific.net> <20030916222806.GA8681@kongemord.krig.net> <20030917004141.GC8911@kongemord.krig.net> <3F68D526.8080909@thepacific.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 18, 2003 at 09:41:58AM +1200, Marcos Biscaysaqu wrote:
> Hi Bob.
> I have the proxy working and setting to trasnparent proxy, and I
> have got my IPFW working. the problem is
> I have my proxy on port 3218 and I want redirect all the traffic on port
> 80 to my proxy so the client don't need setup the proxy in them browser.
> Do you know how can I make work it with IPFW.
> thanks
OK. To recapitulate, you need
options IPFIREWALL #firewall
options IPFIREWALL_FORWARD #enable transparent proxy support
in the kernel config file, and then you need to recompile. If IPFW works,
then you obviously have the first. Make sure you've recompiled with the
second also.
You need the following line in rc.firewall:
${fwcmd} add fwd 127.0.0.1,3128 tcp from any to any 80 in via ${iif}
where iif is the internal interface that your proxy box uses to communicate
with your LAN. For example, my firewall file contains
iif="fxp0"
Further questions should go to freebsd-questions, rather than
freebsd-stable.
Bob Hall
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030918010728.GB14063>