From owner-freebsd-stable@FreeBSD.ORG Wed Apr 18 02:02:57 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3509E16A401 for ; Wed, 18 Apr 2007 02:02:57 +0000 (UTC) (envelope-from zen@tk-pttuntex.com) Received: from matrix.tk-pttuntex.com (matrix.tk-pttuntex.com [203.77.209.162]) by mx1.freebsd.org (Postfix) with ESMTP id 9773513C4BC for ; Wed, 18 Apr 2007 02:02:56 +0000 (UTC) (envelope-from zen@tk-pttuntex.com) Received: from [172.64.14.3] (core.bps.co.id [202.57.0.93]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zen) by matrix.tk-pttuntex.com (Postfix) with ESMTP id 0D3A040B54E; Wed, 18 Apr 2007 09:02:55 +0700 (WIT) Message-ID: <46257D1A.7050808@tk-pttuntex.com> Date: Wed, 18 Apr 2007 09:06:18 +0700 From: zen User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) X-Accept-Language: en-us, en MIME-Version: 1.0 To: jonathan michaels References: <46247471.9030503@tk-pttuntex.com> <200704172129.22275.sanya-spb@list.ru> <20070418095903.12432@caamora.com.au> <462575D4.2010801@tk-pttuntex.com> <20070418115654.30422@caamora.com.au> In-Reply-To: <20070418115654.30422@caamora.com.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-stable@freebsd.org Subject: Re: tproxy on freebsd X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Apr 2007 02:02:57 -0000 jonathan michaels wrote: >On Wed, Apr 18, 2007 at 08:35:16AM +0700, zen wrote: > > >>jonathan michaels wrote: >> >> >> >>>alexander, >>> >>>list, sorry for posting to list, i tried to post to advertised mail >>>address and my post bounced as "user unknown". so i try here. >>> >>>On Tue, Apr 17, 2007 at 09:29:21PM +0400, Alexander Kuprijanov wrote: >>> >>> >>> >>> >>>>В сообщении от Tuesday 17 April 2007 11:17:05 zen написал(а): >>>> >>>> >>>> >>>> >>> >>> >>> >>> >>>>I use transparent proxy on my home wi-fi network, and on work (ethernet lan) >>>>with pf+proxy on FreeBSD gateways without any problems... earlier I used >>>>ipfilter+proxy (for transparent proxing) also without problems. >>>> >>>>I can share my config (pf+proxy) if you need >>>> >>>> >>>> >>>> >>>i don't have a problem with this but i am going to be setting up a >>>similar setup and would appreciate the help a working setup would >>>provide. >>> >>>sorry for my poor english and typing .. i am disabled. >>> >>>kind regards >>> >>>jonathan >>> >>> >>> >>> >>> >>any help will be appreciated, i could use a sample configuration file >>regarding this problem. >>FYI i already running transparent proxy with ipf+ipnat,: >> >>rdr nve0 0.0.0.0/0 port 80 -> 122.x.x.x port 3128 tcp >> >>but with that configuration, still the proxy ip address that visible >>when my client using the proxy. >>is it me or just i cant achieve that with FreeBSD? >>because i hate to switch to other OS only because of this. >> >>anyway this what i found in the net, but only work on linux >> >>http://www.sanog.org/resources/sanog4-devdas-transproxy.pdf >> >> > >sorry my internet (web browser machine/webbrowser is offline) access is >broken at moment .. i use lynx on a 486dx50, its 20 years old. > >will this work on centos v4 and/or debian v3.4 ??? i am setting up a >compaq proliant 5500r as the network backbone, multi boot (freebsd v6, >debian v3.4 and ms window 2003 server/professional). this is my fall >back stratagy. > >much thanks and most kind regards > >jonathan > > > i think so, it work on most of linux machine depend on your linux kernel. here is the patch for the kernel : http://www.balabit.com/downloads/tproxy/ but if i cand choose linux or FreeBSD i preferred FreeBSD ( i'm a FreeBSD die hard user). that's why i ask the people here, maybe they have solutions regarding this problems. TIA Zen