From owner-freebsd-questions@FreeBSD.ORG Thu Jul 26 22:23:12 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4BD2216A417 for ; Thu, 26 Jul 2007 22:23:12 +0000 (UTC) (envelope-from jeffh@tcnetworksinc.com) Received: from stratos.monroe.k12.wi.us (stratos.monroe.k12.wi.us [216.56.60.219]) by mx1.freebsd.org (Postfix) with ESMTP id 21D7813C469 for ; Thu, 26 Jul 2007 22:23:12 +0000 (UTC) (envelope-from jeffh@tcnetworksinc.com) Received: from [10.100.1.190] (tyson-wan-4.dsl.mhtc.net [216.180.213.190]) by stratos.monroe.k12.wi.us (Postfix) with ESMTP id 51385F3C091; Thu, 26 Jul 2007 16:51:59 -0500 (CDT) Message-ID: <46A91779.4050509@tcnetworksinc.com> Date: Thu, 26 Jul 2007 16:51:53 -0500 From: Jeff Hedley Organization: TC Networks, Inc. User-Agent: Thunderbird 2.0.0.5 (X11/20070716) MIME-Version: 1.0 To: freebsd-questions@freebsd.org X-Enigmail-Version: 0.95.2 OpenPGP: id=DABB184E; url=http://www.tcnetworksinc.com/gpgPubkeys/jeffh.asc Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigBBB28737945AB4718B232C67" Subject: Redirect Incoming port 80 connections to port 8080. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jul 2007 22:23:12 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigBBB28737945AB4718B232C67 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable I am having a problem getting a Dansguardian + Squid transparent proxying system going for a client. The following is what i want to do, but cannot figure out how to get it working using ipfw + natd: [Host] - 10.0.0.150/24 - sends request to router google.com:80 | | | v [Router] - 10.0.0.1/24 - receives request for google.com:80 but sets | proxy server as next hop for transparent proxy purposes. | - Not transparently proxyed yet. | v [FreeBSD Proxy] - 10.0.0.2/24 - receives request for google.com:80 | - request gets transparently proxied to 10.0.0.2:8080 | (this is the part I don't know how to do). | - runs through Dans, then Squid. | - Squid sends request out to router again. | - Outing squid requests get NATed to 10.0.0.2 (also | don't know how to do this). | v [Router] - 10.0.0.1/24 - receives the request for google.com again, | but request is allowed through since it's coming from | 10.0.0.2. | v (interweb) Can you tell me how I would setup the FreeBSD box to do what i want using ipfw and natd? -- Jeff Hedley TC Networks, Inc. --------------enigBBB28737945AB4718B232C67 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFGqRd+N7/CuNq7GE4RAkOQAKCfptMKfC43rohpfBmus9nX5++nogCgp2na eKRGCGkIVRt6z90XMZz65j8= =9kKd -----END PGP SIGNATURE----- --------------enigBBB28737945AB4718B232C67--