Date: Fri, 15 Oct 2004 09:25:37 -0700 (PDT)
From: Sergey Lyubka <ioannvelikiy@yahoo.com>
To: pf@freebsd.org
Subject: rdr + bridge
Message-ID: <20041015162538.60753.qmail@web13606.mail.yahoo.com>

I am trying to set up a transparent proxy. The box has two interfaces:

em0 (0.0.0.0, outside interface)
em1 (10.0.0.3, inside interface)

pf and bridge are running on the box. The proxy is running on the box, listening on 127.0.0.1:8080.

This is the pf.conf:
------------------
int_if="em1"
ext_if="em0"
rdr on $int_if inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080
pass in
pass out
-------------------

But when I try to access any site from the inside, I see packets emitted by em0 which have destination address 127.0.0.1:8080. The proxy does not receive anything.

nfa# sysctl -a | grep bridge
net.link.ether.bridge_cfg: em0,em1
net.link.ether.bridge_ipfw: 1
net.link.ether.bridge_ipf: 1
net.link.ether.bridge.config: em0,em1
net.link.ether.bridge.enable: 1
net.link.ether.bridge.predict: 45
net.link.ether.bridge.dropped: 0
net.link.ether.bridge.packets: 80
net.link.ether.bridge.ipfw_collisions: 0
net.link.ether.bridge.ipfw_drop: 0
net.link.ether.bridge.copy: 0
net.link.ether.bridge.ipfw: 1
net.link.ether.bridge.ipf: 1
net.link.ether.bridge.debug: 0
net.link.ether.bridge.version: 031224

nfa# uname -a
FreeBSD nfa 5.3-BETA7 FreeBSD 5.3-BETA7 #20: Fri Oct 15 15:41:14 UTC 2004 root@valenok.netfort-iss.com:/usr/obj/usr/src/sys/MANAGER i386

Any ideas?