Date: Fri, 13 Jun 2003 17:13:46 +1000 From: Andrew Thomson <ajthomson@optushome.com.au> To: freebsd-questions@freebsd.org Subject: Re: more transparent proxy and squid questions. Message-ID: <20030613071346.GR15745@athomson.prv.au.itouchnet.net> In-Reply-To: <20030613070438.GO15745@athomson.prv.au.itouchnet.net> References: <20030613070438.GO15745@athomson.prv.au.itouchnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
oh, and does squid need to be compiled with CONFIGURE_ARGS+= --enable-ipf-transparent given the firewall does the divert to the squid box ?? ta, ajt. On Fri, Jun 13, 2003 at 05:04:38PM +1000, Andrew Thomson wrote: > I'm not looking for help at setting this up as such, but rather a better > understanding of what's happening to the packets in this situation. > > I have a freebsd firewall/gateway box. > > I then fwd the port 80 requests to the squid box on port 3128 > > squid then i imagine process the request.. does squid then make the same > http request with it's ip as the source? > > perhaps an illustration might be helpful. > > wall/gwy = 192.168.1.1 > squid = 192.168.1.2 > user = 192.168.1.3 > > user makes an http request. > > ipfw rule on wall diverts to squid: > > ipfw add 50 fwd 192.168.1.2,3128 tcp from any to any 80 > > does squid then make the request with it's ip? > > thus we'd need something like, > > ipfw add 45 allow tcp from 192.168.1.2 to any 80 > > squid updates the cache/passes the data back to the user?? > > thanks, > > ajt. > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030613071346.GR15745>