From owner-freebsd-questions Sat Oct 26 11: 1: 7 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 637A237B401 for ; Sat, 26 Oct 2002 11:01:04 -0700 (PDT) Received: from dsl-64-128-185-9.telocity.com (dsl-64-128-185-9.telocity.com [64.128.185.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9CA8943E65 for ; Sat, 26 Oct 2002 11:00:59 -0700 (PDT) (envelope-from mjoyner2@hq.dyns.cx) Received: (from root@localhost) by dsl-64-128-185-9.telocity.com (8.12.6/8.11.5) id g9QHxTaH057887; Sat, 26 Oct 2002 13:59:29 -0400 (EDT) (envelope-from mjoyner2@hq.dyns.cx) Received: from imp.hq.dyns.cx (www@dsl-64-128-185-9.telocity.com [64.128.185.9]) by dsl-64-128-185-9.telocity.com (8.12.6/8.11.5av) with ESMTP id g9QHxQ3K057874; Sat, 26 Oct 2002 13:59:26 -0400 (EDT) (envelope-from mjoyner2@hq.dyns.cx) From: mjoyner2@hq.dyns.cx Received: (from www@localhost) by imp.hq.dyns.cx (8.12.6/8.12.6/Submit) id g9QHxPZK057873; Sat, 26 Oct 2002 13:59:25 -0400 (EDT) X-Authentication-Warning: imp.hq.dyns.cx: www set sender to mjoyner2@hq.dyns.cx using -f Received: from 192.168.2.34 ( [192.168.2.34]) as user mjoyner2@localhost by imp.hq.dyns.cx with HTTP; Sat, 26 Oct 2002 13:59:24 -0400 Message-ID: <1035655164.3dbad7fc91640@imp.hq.dyns.cx> Date: Sat, 26 Oct 2002 13:59:24 -0400 To: Derrick Joseph Cc: questions@freebsd.org Subject: Re: transparent proxy support References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1 / FreeBSD-4.7 X-Originating-IP: 192.168.2.34 X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG if you are serving web pages off of your natd/ipfw/squid box, the following helps to... (to prevent people trying to view your site from getting squid denied errors) modify my previous rule 62 to read 00062 4792 259184 fwd 127.0.0.1,3128 tcp from any to any 80 via ed0 where (in my case) ed0 is your INTERNAL nic, not your public nic 00060 20198 1074897 allow tcp from me to any 80 00061 11339 15005323 allow tcp from any 80 to me 00062 4792 259184 fwd 127.0.0.1,3128 tcp from any to any 80 via ed0 Quoting Derrick Joseph : > > Oh yes, I was also able to do it before as stated in my > previous email. The problem right now in the current > release is that the ipfilter header files are missing. > > On Sat, 26 Oct 2002 00:01:57 -0400 > mjoyner2@hq.dyns.cx wrote: > >what I was saying, is that I didn't > >do any special build of squid at the time. > > > >unfortunately, this was before 4.7. > > > >Quoting Derrick Joseph : > > > >> > >> So you're using 4.7 ??? > >> > >> On Fri, 25 Oct 2002 23:44:57 -0400 > >> mjoyner2@hq.dyns.cx wrote: > >> >When I was running a transparent proxy for a college I > >> >used to work for, I just installed the standard squid > >> >from the ports collection and just adjusted my kernel > >> >to do the tranparent forwarding via ipfw and it seem > >> >to work just fine. > >> > > >> >Quoting Derrick Joseph : > >> > > >> >> > >> >> > >> >> Hello People !!! > >> >> > >> >> I just upgraded my system from FreeBSD 4.6.2 to > >>FreeBSD > >> >> 4.7-RELEASE and now I'm having problem configuring a > >> >> transparent proxy server support. With my FreeBSD > >>4.6.2 > >> >> before, I haven't encountered a single problem when I > >> >> compiled squid to support transparent proxy with > >> >> "--enable-ipf-transparent" option. Thus, after > >> >>installing > >> >> the box and enabling the IPFIREWALL option in the > >> >>kernel, > >> >> I started installing squid with the same options I > >>did > >> >> with my FreeBSD 4.6.2 box. At the installation > >>process > >> >>it > >> >> stops it tells me that "IPFILTER header files not > >>found" > >> >> so I went through squid's configure script and found > >>out > >> >> that it should be "--enable-pf-transparent" if I want > >>to > >> >> use IPFW as my platform. This time it tells me "PF > >> >>header > >> >> files not found" ... what seems to be the problem in > >> >>here > >> >> ? > >> >> > >> >> Please help I'm using this box for production > >>purposes. > >> >> > >> >> Thanks. > >> >> > >> >> Deejay > >> >> > >>____________________________________________________________________ > >> >> ** Get your free E-Mail account at WWW.DIGITELONE.COM > >>** > >> >> > >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> >> with "unsubscribe freebsd-questions" in the body of > >>the > >> >>message > >> >> > >> > > >> > > >> > > >> > > >> >------------------------------------------------- > >> >This mail sent through IMP: http://horde.org/imp/ > >> > >> ____________________________________________________________________ > >> ** Get your free E-Mail account at WWW.DIGITELONE.COM ** > >> > > > > > > > > > >------------------------------------------------- > >This mail sent through IMP: http://horde.org/imp/ > > ____________________________________________________________________ > ** Get your free E-Mail account at WWW.DIGITELONE.COM ** > ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message