From owner-freebsd-questions Wed Jan 24 8:12:19 2001 Delivered-To: freebsd-questions@freebsd.org Received: from smtp5.mail.yahoo.com (smtp5.mail.yahoo.com [128.11.69.102]) by hub.freebsd.org (Postfix) with SMTP id AB8D337B400 for ; Wed, 24 Jan 2001 08:12:01 -0800 (PST) Received: from d83b5f53.dsl.flashcom.net (HELO home) (216.59.95.83) by smtp.mail.vip.suc.yahoo.com with SMTP; 24 Jan 2001 16:12:00 -0000 X-Apparently-From: Message-ID: <000c01c0861f$e07a6640$0201a8c0@flashcom.com> From: "Anthony" To: Subject: ipfw forwarding to remote machines Date: Tue, 23 Jan 2001 23:55:21 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, Recently i setup a transparent proxy server with squid. That worked just fine, used a fwd rule to forward all traffic to localhost, etc. Now I have more of a problem though. I have a gateway at 30.30.30.1 and a proxy server at 20.20.20.1. Both have public interfaces and are not connected through any sort of private network. What I need to do is to forward all traffic on port 80 of the gateway 30.30.30.1 (thus allowing for transparent caching for people behind it) to the proxy server 20.20.20.1. I made the following rule (where 10.10.0.0/16 is the gateway's:internal network) /sbin/ipfw add fwd 20.20.20.1 tcp from 10.10.0.0/16 to any 80 and it doesn't work. packets don't get directed to 20.20.20.1, they just go where they are supposed to. If I run squid locally and forward to localhost, it does fine (its just that its a P130 with 800M hdd, kinda stupid to run squid on it) The kernel is compiled with all necessary options. (since nat works, and forwarding to localhost works) Also the manual says that if you fwd to an IP that is further than one hop away, the routing table will be used to relay the packet. host 20.20.20.1 is fully accessible! Can someone tell me what I can do about this, or possibly suggest an alternative forwarding solution? Thanks all! _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message