From owner-freebsd-questions Sat Oct 26 10:54: 9 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7BA0437B401 for ; Sat, 26 Oct 2002 10:54:05 -0700 (PDT) Received: from dsl-64-128-185-9.telocity.com (dsl-64-128-185-9.telocity.com [64.128.185.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 769D043E42 for ; Sat, 26 Oct 2002 10:53:59 -0700 (PDT) (envelope-from mjoyner2@hq.dyns.cx) Received: (from root@localhost) by dsl-64-128-185-9.telocity.com (8.12.6/8.11.5) id g9QHqRRG057628; Sat, 26 Oct 2002 13:52:27 -0400 (EDT) (envelope-from mjoyner2@hq.dyns.cx) Received: from imp.hq.dyns.cx (www@dsl-64-128-185-9.telocity.com [64.128.185.9]) by dsl-64-128-185-9.telocity.com (8.12.6/8.11.5av) with ESMTP id g9QHqO3K057618; Sat, 26 Oct 2002 13:52:24 -0400 (EDT) (envelope-from mjoyner2@hq.dyns.cx) From: mjoyner2@hq.dyns.cx Received: (from www@localhost) by imp.hq.dyns.cx (8.12.6/8.12.6/Submit) id g9QHqMQV057613; Sat, 26 Oct 2002 13:52:22 -0400 (EDT) X-Authentication-Warning: imp.hq.dyns.cx: www set sender to mjoyner2@hq.dyns.cx using -f Received: from 192.168.2.34 ( [192.168.2.34]) as user mjoyner2@localhost by imp.hq.dyns.cx with HTTP; Sat, 26 Oct 2002 13:52:21 -0400 Message-ID: <1035654741.3dbad65513507@imp.hq.dyns.cx> Date: Sat, 26 Oct 2002 13:52:21 -0400 To: Derrick Joseph Cc: questions@freebsd.org Subject: Re: transparent proxy support References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.7 X-Originating-IP: 192.168.2.34 X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Ok, I just set it up here. updated my ports directory first. :) performed a *STOCK* install of squid 2.5 cd /usr/ports/www/squid make install added the following to my squid.conf --- httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on acl our_networks src 192.168.0.0/16 http_access allow our_networks --- created the cache directory started squid added the following ipfw rule to the box (this box is also my firewall/nat btw) (i did it after my natd divert rule) 00060 10305 545706 allow tcp from me to any 80 00061 4766 6370609 allow tcp from any 80 to me 00062 5620 299803 fwd 127.0.0.1,3128 tcp from any to any 80 tested a web site, and xmms everything is working fine and stuff shows up in my access.log --- # tail access.log 1035654302.029 387 192.168.2.34 TCP_MISS/301 607 GET http://www.slashdot.org/ - DIRECT/64.28.67.150 text/html 1035654302.475 328 192.168.2.34 TCP_MISS/200 11150 GET http://slashdot.org/ - DIRECT/64.28.67.150 text/html 1035654302.898 231 192.168.2.34 TCP_MISS/200 341 GET http://images2.slashdot.org/Slashdot/pc.gif? - DIRECT/64.28.67.114 image/gif --- Quoting Derrick Joseph : > > Oh yes, I was also able to do it before as stated in my > previous email. The problem right now in the current > release is that the ipfilter header files are missing. > > On Sat, 26 Oct 2002 00:01:57 -0400 > mjoyner2@hq.dyns.cx wrote: > >what I was saying, is that I didn't > >do any special build of squid at the time. > > > >unfortunately, this was before 4.7. > > > >Quoting Derrick Joseph : > > > >> > >> So you're using 4.7 ??? > >> > >> On Fri, 25 Oct 2002 23:44:57 -0400 > >> mjoyner2@hq.dyns.cx wrote: > >> >When I was running a transparent proxy for a college I > >> >used to work for, I just installed the standard squid > >> >from the ports collection and just adjusted my kernel > >> >to do the tranparent forwarding via ipfw and it seem > >> >to work just fine. > >> > > >> >Quoting Derrick Joseph : > >> > > >> >> > >> >> > >> >> Hello People !!! > >> >> > >> >> I just upgraded my system from FreeBSD 4.6.2 to > >>FreeBSD > >> >> 4.7-RELEASE and now I'm having problem configuring a > >> >> transparent proxy server support. With my FreeBSD > >>4.6.2 > >> >> before, I haven't encountered a single problem when I > >> >> compiled squid to support transparent proxy with > >> >> "--enable-ipf-transparent" option. Thus, after > >> >>installing > >> >> the box and enabling the IPFIREWALL option in the > >> >>kernel, > >> >> I started installing squid with the same options I > >>did > >> >> with my FreeBSD 4.6.2 box. At the installation > >>process > >> >>it > >> >> stops it tells me that "IPFILTER header files not > >>found" > >> >> so I went through squid's configure script and found > >>out > >> >> that it should be "--enable-pf-transparent" if I want > >>to > >> >> use IPFW as my platform. This time it tells me "PF > >> >>header > >> >> files not found" ... what seems to be the problem in > >> >>here > >> >> ? > >> >> > >> >> Please help I'm using this box for production > >>purposes. > >> >> > >> >> Thanks. > >> >> > >> >> Deejay > >> >> > >>____________________________________________________________________ > >> >> ** Get your free E-Mail account at WWW.DIGITELONE.COM > >>** > >> >> > >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> >> with "unsubscribe freebsd-questions" in the body of > >>the > >> >>message > >> >> > >> > > >> > > >> > > >> > > >> >------------------------------------------------- > >> >This mail sent through IMP: http://horde.org/imp/ > >> > >> ____________________________________________________________________ > >> ** Get your free E-Mail account at WWW.DIGITELONE.COM ** > >> > > > > > > > > > >------------------------------------------------- > >This mail sent through IMP: http://horde.org/imp/ > > ____________________________________________________________________ > ** Get your free E-Mail account at WWW.DIGITELONE.COM ** > ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message