On Fri, 12 Jul 2002, Carlos Carnero wrote:
> Hi,
>
> I have already set up IP Filter and ipnat, together
> with Squid I have created a "transparent" proxy. The
> syntax of the ipnat rule is:
>
> rdr fxp0 0.0.0.0/0 port 80 -> 192.168.4.1 port
> 3128
>
> being fxp0 my internal interface, and 192.168.4.1 the
> internal IP number of the gateway. So, right now
> everybody is directed to Squid :)
>
> However, is there a way to exclude a couple of
> internal IP numbers from being redirected?
Just exclude them from the rdr rule. The easiest way is to place the excluded
IPs in a different range than the redirected ones. Put a 'rdr' rule for
the later, and the former ones won't be redirected. For example, if your
internal net is 192.168.4.0/24, place a privilleged block in the lower 64
IPs and the rdr rule becomes:
rdr fxp0 192.168.4.64/26 -> 192.168.4.1 port 3128
rdr fxp0 192.168.4.128/25 -> 192.168.4.1 port 3128
That is, the lower 64 addresses won't be redirected, and everything else will.
Hope this helps.
Fer
>
> Best regards,
> Carlos.
>
> __________________________________________________
> Do You Yahoo!?
> Sign up for SBC Yahoo! Dial - First Month Free
> http://sbc.yahoo.com
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-questions" in the body of the message
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
