Date: Mon, 24 Sep 2007 10:44:22 +0400 From: "A.Rymkus" <rymkus@inbox.ru> To: danow@magix.com.sg Cc: freebsd-isp@freebsd.org Subject: Re: freebsd 6.2 with ipfw forward not working Message-ID: <1732993630.20070924104422@inbox.ru> In-Reply-To: <20070924045035.GB30086@singtel.com> References: <20070924044357.GA30086@singtel.com> <20070924045035.GB30086@singtel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, danow. You wrote at 24.09.2007, 8:50:35: dmcs> Hi, dmcs> I have a rule in ipfw to divert all destination address with dmcs> tcp port 80 to a local squid server. However this is working for dmcs> me. When i did a tcpdump on lo0, no packets are seen. dmcs> ipfw rules dmcs> add fwd 127.0.0.1,3128 log tcp from any to any dmcs> and in /var/log/security shows the packet being forwarded. dmcs> This is what squid -v shows dmcs> Squid Cache: Version 2.6.STABLE16 dmcs> configure options: '--bindir=/usr/local/sbin' dmcs> '--sbindir=/usr/local/sbin' '--datadir=/usr/local/etc/squid' dmcs> '--libexecdir=/usr/local/libexec/squid' dmcs> '--localstatedir=/usr/local/squid' dmcs> '--sysconfdir=/usr/local/etc/squid' dmcs> '--enable-removal-policies=lru heap' '--disable-linux-netfilter' dmcs> '--disable-linux-tproxy' '--disable-epoll' '--enable-auth=basic dmcs> ntlm digest' '--enable-basic-auth-helpers=DB NCSA PAM MSNT SMB dmcs> YP' '--enable-digest-auth-helpers=password' dmcs> '--enable-external-acl-helpers=ip_user session unix_group dmcs> wbinfo_group' '--enable-ntlm-auth-helpers=SMB' dmcs> '--enable-negotiate-auth-helpers=squid_kerb_auth' dmcs> '--enable-storeio=ufs diskd null' '--enable-pf-transparent' dmcs> '--enable-ipf-transparent' '--enable-err-languages=Armenian dmcs> Azerbaijani Bulgarian Catalan Czech Danish Dutch English dmcs> Estonian Finnish French German Greek Hebrew Hungarian Italian dmcs> Japanese Korean Lithuanian Polish Portuguese Romanian dmcs> Russian-1251 Russian-koi8-r Serbian Simplify_Chinese Slovak dmcs> Spanish Swedish Traditional_Chinese Turkish' dmcs> '--enable-default-err-language=English' '--prefix=/usr/local' dmcs> '--mandir=/usr/local/man' '--infodir=/usr/local/info/' dmcs> 'i386-portbld-freebsd6.2' 'build_alias=i386-portbld-freebsd6.2' dmcs> 'host_alias=i386-portbld-freebsd6.2' dmcs> 'target_alias=i386-portbld-freebsd6.2' 'CC=cc' 'CFLAGS=-O2 dmcs> -fno-strict-aliasing -pipe ' 'LDFLAGS=' 'CPPFLAGS=' dmcs> in /etc/sysctl.conf dmcs> net.inet.ip.forwarding=1 dmcs> In kernel config, dmcs> options IPFIREWALL dmcs> options IPFIREWALL_FORWARD dmcs> Any idea what's wrong with my config? Have i missed out anything? dmcs> Thanks, dmcs> Denny dmcs> _______________________________________________ dmcs> freebsd-isp@freebsd.org mailing list dmcs> http://lists.freebsd.org/mailman/listinfo/freebsd-isp dmcs> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" works for me. only difference is that I use that rules as follows: ipfw fwd 127.0.0.1,3128 log tcp from {internal_net} to any 80 ipfw fwd 127.0.0.1,3128 log tcp from {internal_net} to any 3128 ipfw fwd 127.0.0.1,3128 log tcp from {internal_net} to any 8080 -- WBR, A.Rymkus
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1732993630.20070924104422>