From owner-freebsd-questions@FreeBSD.ORG Sun Jun 15 17:09:38 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 538B337B401 for ; Sun, 15 Jun 2003 17:09:38 -0700 (PDT) Received: from mx1.au.itouchnet.net (nat2.au.itouchnet.net [144.135.23.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id F2DD843F3F for ; Sun, 15 Jun 2003 17:09:36 -0700 (PDT) (envelope-from ajthomson@optushome.com.au) Received: from nobody by mx1.au.itouchnet.net with scanned_ok (Exim 3.36 #1) id 19RhZ1-0005MC-00 for freebsd-questions@freebsd.org; Mon, 16 Jun 2003 10:09:35 +1000 X-TLS: TLSv1:DES-CBC3-SHA:168 athomson.prv.au.itouchnet.net -> mx1.au.itouchnet.net Received: from athomson.prv.au.itouchnet.net ([192.168.13.55]) by mx1.au.itouchnet.net with esmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.36 #1) id 19RhZ0-0005M5-00 for freebsd-questions@freebsd.org; Mon, 16 Jun 2003 10:09:34 +1000 Received: from localhost ([127.0.0.1] helo=athomson.prv.au.itouchnet.net) by athomson.prv.au.itouchnet.net with esmtp (Exim 4.20) id 19RhZ0-000G6P-8c for freebsd-questions@freebsd.org; Mon, 16 Jun 2003 10:09:34 +1000 Received: (from ajt@localhost)h5G09YUa061900 for freebsd-questions@freebsd.org; Mon, 16 Jun 2003 10:09:34 +1000 (EST) X-Authentication-Warning: athomson.prv.au.itouchnet.net: ajt set sender to ajthomson@optushome.com.au using -f Date: Mon, 16 Jun 2003 10:09:34 +1000 From: Andrew Thomson To: freebsd-questions@freebsd.org Message-ID: <20030616000934.GE60583@athomson.prv.au.itouchnet.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Checked: Scanned for any viruses and unauthorized attachments at mx1.au.itouchnet.net X-iScan-ID: 20592-1055722174-50767@mx1.au.itouchnet.net version $Name: REL_2_0_2 $ Subject: ipfirewall_forward X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2003 00:09:38 -0000 i'm working on setting up a transparent squid proxy. would like to clarify what the forward stuff actually does.. this is what I thought was happening.. ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging unlimited 00500 fwd 192.168.1.2 tcp from any to any dst-port 80 65535 allow ip from any to any i just thought i'd muck around with apache atm.. i hit the box with these rules on it on port 80, and the request is never fwd'ed to 192.168.1.2 is this what's supposed to happen?? a tcpdump port 80 on both hosts show in the incoming http from the client, however nothing on the machined having the packets forwarded.. can someone clarify this for me? thanks, ajt.