Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 23 Dec 1999 09:39:54 +0800
From:      "aLan Tait" <aLan@fil.net>
To:        Thomas Wahyudi <thomas@home.unpar.ac.id>
Cc:        freebsd-isp@FreeBSD.ORG
Subject:   Re: Transproxy to Squid Box!
Message-ID:  <38617D6A.DABBE1E7@fil.net>
References:  <013a01bf4c63$41179100$6567640a@siomay.unpar.ac.id>
next in thread | previous in thread | raw e-mail | index | archive | help 
Thomas Wahyudi wrote:
> >Here is the layout...
> >
> >Firewall:
> >Outside:  ed1 1.1.27.127 /28
> >Inside:   xl0 2.2.102.1  /23
> >
> >Proxy/Squid: xl0 2.2.102.2 /23
> >
> >Basically, I want to redirect anything that goes to
> >2.2.102.1 port 80 (for any address 0.0.0.0/0)  > 2.2.102.2
> >port 3128
> >
> >Any suggestions, directions, or sample config files of
> >working systems would be most helpful!  If there is a set-up
> >or FAQ about Transproxy - I haven't found it yet (actually
> >thinking about writing my own!)  Any help at all!
> 
> #here's what we using in our campus
> 
> Internet        Internet
>      |                    |
> proxy A       proxy B
>      |_________|
>                |
>            NATD -------> internet
>                |
>            local
> 
> Proxy A & B just an ordinary proxy server with 2 different IP (multihomed)
> all server using FreeBSD box
> NATD using squid in port 3128 that connect to 2 proxy using proxy-only
> option
> and rule in firewall is
> 
> 500  fwd [Natd ip],3128 tcp from any to any 80
> 
> and in NATD squid.conf
> cache_peer proxy_A 3128 3130 proxy-only
> cache_peer proxy_B 3128 3130 proxy-only
> 
> hope that's help

In your layout above... the NATD box shows three lines
coming out of it.  Is this three different interfaces?

Also, does each proxy (A & B) have its own Internet access
(without passing back through the NATD box?

Does anyone have a working example for IPNAT and IPFILTER? 
Or must I change over my firewall to IPFW and NATD like this
example?

aLan
-- 

***  I switched to FreeBSD from When?Doze because...
***  I never knew When?
***  It was going to Doze!

----------------------------------
Filipino Network Solution - Fil.Net
----------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38617D6A.DABBE1E7>