On 15.08.2018 at 18:26, Stuart Henderson wrote:
On 2018-08-15, George <g.lis...@nodeunit.com> wrote:
I believe you may be looking for a redirect not a relay. It all really
depends on your network topology and what you are trying to do but in
general something like this is what you are looking at:
For directing traffic from a PF box to a separate Squid box setup
as an interception ("transparent") proxy, you want "route-to" rather
than "rdr-to" (see squid pkg-readme).
I haven't tried this with relayd but it looks like redirection with
"route to" is what's needed here.
An associated "divert-to" is also needed on the box running Squid
(again see the pkg-readme).
I tried to get the relayd part with redirects and the route-to option
running. The problem here in my opinion is the listen option of redirects.
You could say something like: listen on ip X port 80 route-to y. So the
redirect will listen for the _destination_ ip X with port 80 and will route
these packets to Y.
But how could you say: listen for _all_ packets coming from this special ip
to any port 80 route to Y?
My first thought was to divert the relevant packets with pf to localhost and
then a redirect should do the job. The pf part is not the problem. But I didn't
find a running redirect configuration. I think grabbing diverted packets from
localhost is the job of relays not redirects, right?