From: Darcy Buskermolen
Organization: Wavefire Technologies Corp.
To: freebsd-questions@freebsd.org
Subject: Transparent Proxy
Date: Thu, 20 Feb 2003 15:59:15 -0800
Message-Id: <200302201559.16002.darcy@wavefire.com>

I'm trying to deploy a transparent proxy server for a friend's office but have
run into a couple of snags that I can't seem to find the correct answer for.

Please see http://home2.dbitech.bc.ca:8080/netconfig.txt for graphical
topology.

Note that I'm running IPFW2 on both BSD boxes.

ipfw list output on 192.168.0.254:

    00001 skipto 50000 tcp from any 1023-65535 to me dst-port 22
    00040 skipto 50 tcp from 192.168.0.1 to any dst-port 80
    00048 fwd 192.168.0.1 tcp from 192.168.0.0/24 to any dst-port 80 out
    00999 divert 8669 ip from any to any via ed0
    65533 allow ip from any to any
    65535 deny ip from any to any

ipfw list output on 192.168.0.1:

    00500 fwd 127.0.0.1,3128 ip from 192.168.0.0/16 to any dst-port 80 in
    65000 allow ip from any to any
    65535 deny ip from any to any

When the Windows box (192.168.0.32) makes a web request it gets forwarded to
the squid machine fine, and squid returns an "access denied" error message.
Checking the cache.log on squid, I see the reason is as follows:

    2003/02/20 04:19:47| WARNING: Forwarding loop detected for: GET / HTTP/1.0

Can anybody point me in the correct direction to tell me what it is that I'm
missing?

P.S. Please CC me on responses as I'm not subscribed to questions.

--
Darcy Buskermolen
Wavefire Technologies Corp.
ph: 250.717.0200
fx: 250.763.1759
http://www.wavefire.com