From owner-freebsd-questions Mon Oct 28 6: 4:27 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ABA1A37B401 for ; Mon, 28 Oct 2002 06:04:25 -0800 (PST) Received: from out-mta3.plasa.com (out-mta2.plasa.com [202.134.0.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1394843E42 for ; Mon, 28 Oct 2002 06:04:24 -0800 (PST) (envelope-from sizulku@telkom.net) Received: from out-mta2.plasa.com ([192.168.17.22] helo=f2.c.plasa.com) by out-mta3.plasa.com with esmtp (Exim 4.10) id 186AVA-001KcE-00 for questions@freebsd.org; Mon, 28 Oct 2002 21:04:20 +0700 Received: from [192.168.19.21] (HELO b2.c.plasa.com) by f2.c.plasa.com (CommuniGate Pro SMTP 4.0b10) with ESMTP id 7057269 for questions@freebsd.org; Mon, 28 Oct 2002 21:04:20 +0700 Received: from [192.168.17.15] (account ) by b2.c.plasa.com (CommuniGate Pro WebUser 4.0b10) with HTTP id 284422 for ; Mon, 28 Oct 2002 21:04:20 +0700 From: "zulkarnain" Subject: ipnat redirection problem To: questions@FreeBSD.ORG X-Mailer: CommuniGate Pro Web Mailer v.4.0b10 Date: Mon, 28 Oct 2002 21:04:20 +0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1"; format="flowed" Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I'm trying to configure out the transparent proxy with ipnat-redirection rdr fxp1 0/0 port 80 -> 202.167.aaa.ccc port 3128 but this scheme isn't working fine. When I go (through PC1) to some web servers, I get error about inaccessibility web server at client browser.From freebsd box I see (using ipnat -l)any packets redirect to squid box, but at squid box I did not see any packets from freebsd box. What can I do at this situation? Can anybody push me to right direction? Best regards, zulkarnain Internet | | ------------------------- | | SQUID fxp0 202.167.aaa.bbb 202.167.aaa.ccc FreeBSD 4.6 fxp1 202.167.xxx.yyy | ---------------------------- | | | PC1 PC2 PC3 202.167.xxx.ddd 202.167.xxx.eee 202.167.xxx.fff -------- kernel config ----- options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=300 options IPFIREWALL_FORWARD options IPFILTER options IPFILTER_LOG -------- /etc/rc.conf ------- ipfilter_enable="YES" ipnat_enable="YES" ipmon_enable="YES" ipfs_enable="YES" -------- /etc/ipnat.rules ---- rdr fxp1 0/0 port 80 -> 202.167.aaa.ccc port 3128 -------- squid.conf -------- http_port 3128 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on ========================================================================= Ikuti polling TELKOM Memo 166 di www.plasa.com dan menangkan hadiah masing-masing Rp 250.000 tunai. ========================================================================= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message