Date: Tue, 9 Jan 2007 15:28:44 +0100 (CET) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-questions@FreeBSD.ORG, teklimbu@wlink.com.np Subject: Re: Using IPFW to bypass hotmail.com Message-ID: <200701091428.l09ESiAR011052@lurza.secnetix.de> In-Reply-To: <20070109162922.9549fa55.teklimbu@wlink.com.np>
next in thread | previous in thread | raw e-mail | index | archive | help
Tek Bahadur Limbu wrote: > I run a transparent squid proxy using IPFW below: > > ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via bge0 That's not the rule for transparent proxying. For that you need a "forward" (or "fwd") rule, not an "allow" rule. (Of course, the "allow" rule above might still be needed, but it's not the one that actually enables the transparent proxying). > Now I want the IP: 192.168.55.22 to bypass Squid when requesting > www.hotmail.com. > > How do I go about doing this using IPFW? Can somebody shed some light > on this issue? Simply add an "allow" rule for that IP, and place it _before_ the "forward" (or "fwd") rule in your rule set: allow tcp from 192.168.55.22 to www.hotmail.com Note that the hostname is not resolved dynamically, but at the time the rule is added to teh rule set. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "To this day, many C programmers believe that 'strong typing' just means pounding extra hard on the keyboard." -- Peter van der Linden
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701091428.l09ESiAR011052>