Boa tarde lista! Novamente recorrendo a lista por causa dessa droga de conectividade social!!!
Estamos configurando um servidor proxy com as seguintes especificacoes: FreeBSD-6.2-Stable IPFILTER e nao o IPFW ou IPFW2 IPNAT SQUID-2.6 - "NAO" CONFIGURADO DE FORMA TRANSPARENTE! PRO PESSOAL NAVEGAR TEM QUE COLOCAR O PROXY E A PORTA NO NAVEGADOR! E ESTOU TRABALHANDO COM PROXY AUTENTICADO TAMBEM! Encontrei em um monte de lugares o pessoal com solucoes para fazer a conectividade social funcionar usando o IPFW, mas no IPFILTER esta dificil encontrar algo que realmente funcione! Preciso de ajuda com relacao a isso!! Alguem teria um exemplo de configuracao do IPFILTER ou do IPNAT pra que eu resolva isso de vez? Abaixo segue meus arquivos ipf.rules e ipnat.rules: ---------------------------- ipf.rules ---------------------------- ### Loopback - LO0 pass out quick on lo0 all pass in quick on lo0 all ### LINK BRT pass out quick on xl0 all keep state pass in quick on xl0 proto tcp from any to any port = 50000 flags S/SA keep state block in log first quick on xl0 all block in log quick on xl0 from 192.168.0.0/16 to any block in log quick on xl0 from 172.16.0.0/12 to any block in log quick on xl0 from 10.0.0.0/8 to any block in log quick on xl0 from 127.0.0.0/8 to any block in log quick on xl0 from 0.0.0.0/8 to any block in log quick on xl0 from 169.254.0.0/16 to any block in log quick on xl0 from 192.0.2.0/24 to any block in log quick on xl0 from 204.152.64.0/23 to any block in log quick on xl0 from 224.0.0.0/3 to any block in quick on xl0 all with frags block in quick on xl0 proto tcp all with short block in quick on xl0 all with opt lsrr block in quick on xl0 all with opt ssrr block in log first quick on xl0 proto tcp from any to any flags FUP block in quick on xl0 all with ipopts block in quick on xl0 proto icmp all icmp-type 8 block in quick on xl0 proto tcp from any to any port = 113 block in log first quick on xl0 proto tcp/udp from any to any port = 81 block in log first quick on xl0 proto tcp/udp from any to any port = 137 block in log first quick on xl0 proto tcp/udp from any to any port = 138 block in log first quick on xl0 proto tcp/udp from any to any port = 139 ### REDE CORPORATIVA - XL1 - 192.168.0.1/24 pass out quick on xl1 all keep state pass in quick on xl1 all keep state ############ block return-rst in log proto tcp from any to any flags S/SA block return-icmp-as-dest(port-unr) in log proto udp from any to any block return-icmp(net-unr) in log proto udp from any to any ------------------------------------------------ ipnat.rules ------------------------------------------------- map xl0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/tcp map xl0 192.168.0.0/24 -> 0/32 portmap tcp/udp 1000:45000 map xl0 192.168.0.0/24 -> 0/32 rdr xl1 0/0 port 80 -> 127.0.0.1 port 3128 tcp/udp Agradeco toda ajuda possivel!! Obrigado! Cleyton Bertolim. ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd