Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Jun 2002 15:45:29 -0500
From:      "Jon Noack" <noackjr@compgeek.com>
To:        "Jaime" <jaime@snowmoon.com>, <freebsd-ipfw@freebsd.org>
Cc:        <freebsd-questions@freebsd.org>
Subject:   RE: Bridge and proxy?
Message-ID:  <NFBBIJDHKLKEJHKFMLBHEEBCCCAA.noackjr@compgeek.com>
In-Reply-To: <20020626133540.F1925-100000@malkav.snowmoon.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Better list for this is freebsd-ipfw@freebsd.org -- this message sent there
as well...

What does 'ipfw show' output?  Is it not matching all your rules?  With a
bridge it won't match multiple rules...

Jon

-----Original Message-----
From: owner-freebsd-questions@FreeBSD.ORG
[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Jaime
Sent: Wednesday, June 26, 2002 12:41 PM
To: freebsd-questions@freebsd.org
Subject: Bridge and proxy?


	I'm trying to set up a FreeBSD 4.6 system for bridging and as a
transparent HTTP proxy.  I have the squid (tcp port 3128) and dansguardian
(tcp port 8080) ports installed and running well.  I have bridging in the
kernel and it is running well.  The topology is:

(ISP) -- (Router) -- (FBSD 4.6) -- (LAN's core switch)

	I have it working well enough that HTTP requests to port 80 are
passing through the FreeBSD box and working correctly.  However, they are
not going into DansGuardian (which passes the request to Squid).  I'm
using the following IPFW rules:

cerberus# ipfw list
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
01000 allow tcp from me to any
01100 allow tcp from any to me 80
01200 fwd 127.0.0.1,8080 tcp from any to any 80
01210 fwd 127.0.0.1,8080 tcp from any to any 8080
01220 fwd 127.0.0.1,8080 tcp from any to any 81
01230 fwd 127.0.0.1,8080 tcp from any to any 8000
65000 allow ip from any to any
65535 allow ip from any to any

	Any advice?

							Thanks in advance,
							Jaime


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NFBBIJDHKLKEJHKFMLBHEEBCCCAA.noackjr>