I think if you add the following rule to the ipfw rules on 192.168.0.1 (the squid-running host), you can have your proxy working.

skipto 510 tcp from 192.168.0.1 to any dst-port 80



From: Darcy Buskermolen <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Transparent Proxy
Date: Tue, 25 Feb 2003 16:42:09 -0800


(Promoted to -net due to lack of responses on -questions)



I'm trying to deploy a transparent proxy server for a friend's office but have
run into a couple of snags that I can't seem to find the correct answer for.
Please see http://home2.dbitech.bc.ca:8080/netconfig.txt for graphical
topology.


Note that I'm running IPFW2 on both BSD boxes.

ipfw list output on 192.168.0.254:

00001 skipto 50000 tcp from any 1023-65535 to me dst-port 22
00040 skipto 50 tcp from 192.168.0.1 to any dst-port 80
00048 fwd 192.168.0.1 tcp from 192.168.0.0/24 to any dst-port 80 out
00999 divert 8669 ip from any to any via ed0
65533 allow ip from any to any
65535 deny ip from any to any

ipfw list output on 192.168.0.1:

00500 fwd 127.0.0.1,3128 ip from 192.168.0.0/16 to any dst-port 80 in
65000 allow ip from any to any
65535 deny ip from any to any

When the Windows box (192.168.0.32) makes a web request it gets forwarded to
the squid machine fine, and squid returns an "access denied" error message.
Checking the cache.log on squid, I see the reason is as follows:


2003/02/20 04:19:47| WARNING: Forwarding loop detected for:
GET / HTTP/1.0

All the information I can find online regarding setting up transparent proxying
for squid using ipfw shows squid running on the gateway host, or on a
different network segment. Can anybody point me in the correct direction to
tell me what it is that I'm missing?


--
Darcy Buskermolen
Wavefire Technologies Corp.
ph: 250.717.0200
fx:  250.763.1759
http://www.wavefire.com

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

