Hello,

I've deployed dozens of gateways with transparent HTTP proxy but this time it isn't working and I suspect pf is somehow involved in this. Packets aren't being redirected anywhere. I've disabled filtering totally to debug this.

I've a rule to redirect every connection attempt to port 80 to 127.0.0.1 port 3128:

rdr on $lan_if proto tcp from { $lan_net } to any port 80 -> 127.0.0.1 port 3128

In squid.conf I've enabled this:

 httpd_accel_host virtual
 httpd_accel_port 80
 httpd_accel_with_proxy on
 httpd_accel_uses_host_header on


The rdr rule is being matched and with tcpdump I see packets coming into the $lan_if but nothing gets to $ext_if or loopback. They simply disappear (and the originating machine doesn't get an answer back).

Running tcpdump on pflog0 doesn't show anything either (as expected since there's no filter rule).

This was happening on 5.3-STABLE and I updated the system to 5.4-STABLE this week. Both $int_if and $ext_if are vr interfaces.

Weird enough... this works on every other box except this one and another one. And nothing fixes it.

Any way to debug this? I've run out of ideas.

Thanks in advance,

--
Giovanni P. Tirloni / [EMAIL PROTECTED]
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf