On Mon, Nov 19, 2007 at 10:10:43AM -0500, Steve Bertrand wrote: > > > ipfw forwarding is a very easy way to redirect traffic without > > changing it. PF has similar functionality. It all depends on what > > the appliance supports. If wccp is the only way it can eat > > packets, try playing with gre(4). But maybe it'll consume just > > plain packets with "wrong" IP destinations arriving on its MAC > > address, just the way squid on FreeBSD does. > > > > BTW, if the appliance supports ICAP, you'll be much better off > > running squid on a FreeBSD box and filtering content through > > ICAP. > > The appliance does indeed have ICAP capabilities, but I have never > dabbled with it before. > > I am familiar with IPFW, but I'd like to know all options in order to > choose the best one. > > I would very much prefer to do this in a way without having to have > Squid running on the box, but will if I have to.
If filtering is all you want, you don't have to set up squid as a caching proxy. I.e. it won't need much RAM and disk space. I have yet to set up ICAP (with c-icap) in our workshop, but from discussions on squid mailing lists it seems ICAP is in a pretty usable state, both in squid 2.x and 3.x. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
