Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 15 Oct 2004 09:25:37 -0700 (PDT)
From:      Sergey Lyubka <ioannvelikiy@yahoo.com>
To:        pf@freebsd.org
Subject:   rdr + bridge
Message-ID:  <20041015162538.60753.qmail@web13606.mail.yahoo.com>

next in thread | raw e-mail | index | archive | help
I am trying to setup transparent proxy.
The box has two interfaces,
em0 (0.0.0.0, outside interface)
em1 (10.0.0.3, inside interface)

pf and bridge are running on the box.
Proxy is running on the box, listening on 127.0.0.1:8080
This is the pf.conf:
------------------
int_if="em1"
ext_if="em0"
rdr on $int_if inet proto tcp from any to any port 80 -> 127.0.0.1 port
8080
pass in
pass out
-------------------

But, when I am trying to access any site from the inside,
I see packets emitted by em0, which have destination address
127.0.0.1:8080

Proxy does not receive anything.

nfa# sysctl -a | grep bridge
net.link.ether.bridge_cfg: em0,em1
net.link.ether.bridge_ipfw: 1
net.link.ether.bridge_ipf: 1
net.link.ether.bridge.config: em0,em1
net.link.ether.bridge.enable: 1
net.link.ether.bridge.predict: 45
net.link.ether.bridge.dropped: 0
net.link.ether.bridge.packets: 80
net.link.ether.bridge.ipfw_collisions: 0
net.link.ether.bridge.ipfw_drop: 0
net.link.ether.bridge.copy: 0
net.link.ether.bridge.ipfw: 1
net.link.ether.bridge.ipf: 1
net.link.ether.bridge.debug: 0
net.link.ether.bridge.version: 031224

nfa# uname -a 
FreeBSD nfa 5.3-BETA7 FreeBSD 5.3-BETA7 #20: Fri Oct 15 15:41:14 UTC
2004     root@valenok.netfort-iss.com:/usr/obj/usr/src/sys/MANAGER 
i386

Any ideas ?


		
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041015162538.60753.qmail>