Date: Fri, 2 Feb 2001 13:59:50 -0700 (MST) From: Nick Rogness <nick@rapidnet.com> To: Julian Elischer <julian@elischer.org> Cc: Joao Carlos Mendes Luis <jonny@jonny.eng.br>, mi@aldan.algebra.com, questions@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: transparent proxying through a separate machine Message-ID: <Pine.BSF.4.21.0102021348330.33204-100000@rapidnet.com> In-Reply-To: <3A7ACA03.BA4D3F31@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2 Feb 2001, Julian Elischer wrote: > Joao Carlos Mendes Luis wrote: > > > > ipfw add allow ip from any to any out > > the probele is the line above. > > > > ipfw add fwd localhost,3128 log tcp from any to any 3128 in > > the above shoudl be 'out'.. FWD is not symetrical.. > you can only fwd locally on 'in' and fwd remotly on 'out'. It says this in the > man page but it's a bit hard to read. I should fix it.. After playing with fwd for a while, I re-read the ipfw man page and picked up that it only applies to packets leaving the system. However, when I was testing this I had fwd setup on incoming packets and added the 'log' keyword so I could see what was going on. It did report via syslog that packets were being forwarded to the address even though they weren't. That was the confusing part. A little rewording on the man page would help. Thanks for the clarification. Nick Rogness - Keep on routing in a Free World... "FreeBSD: The Power to Serve " To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102021348330.33204-100000>