From owner-freebsd-questions Thu Jul 5 5:13:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.cult.cu (mail.cult.cu [169.158.120.2]) by hub.freebsd.org (Postfix) with ESMTP id 992B637B407 for ; Thu, 5 Jul 2001 05:13:04 -0700 (PDT) (envelope-from admin@atenas.cult.cu) Received: from mail by mail.cult.cu with local-bsmtp (Exim 3.03 #2) id 15I7zu-0004xN-00; Thu, 05 Jul 2001 08:12:42 -0400 Received: from [169.158.120.178] (helo=mail.atenas.cult.cu) by mail.cult.cu with esmtp (Exim 3.03 #2) id 15I7zn-0004wz-00; Thu, 05 Jul 2001 08:12:35 -0400 Received: from mail.atenas.cult.cu ([169.158.120.179] helo=proxy.atenas.cult.cu) by mail.atenas.cult.cu with smtp (Exim 3.22 #2) id 15I81j-0000q9-00; Thu, 05 Jul 2001 08:14:35 -0400 From: Manolo Valdes To: Jens Trzaska , freebsd-questions@freebsd.org Subject: Re: transparent proxy problem Date: Thu, 5 Jul 2001 08:10:50 -0400 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain; charset="us-ascii" References: <01070408472700.01695@proxy.atenas.cult.cu> <3B438F44.2EDCCFA5@gmx.net> In-Reply-To: <3B438F44.2EDCCFA5@gmx.net> MIME-Version: 1.0 Message-Id: <01070508120800.01583@proxy.atenas.cult.cu> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG yes its runing already the problem was in the ipfw command thanks Manolito On Wed, 04 Jul 2001, you wrote: > Hello! > > Manolo Valdes wrote: > > > > Hi > > I'm trying to run squid as a transparent proxy but nothing works fine. > > > > there is the squid.conf file: > > _____________________________________________ > > #Squid Transparent proxy settings > > httpd_accel_host virtual > > httpd_accel_port 80 > > httpd_accel_with_proxy on > > httpd_accel_uses_host_header on > > > > #Defaults: > > > > acl all src 0.0.0.0/0.0.0.0 > > acl manager proto cache_object > > acl localhost src 127.0.0.1/255.255.255.255 > > acl SSL_ports port 443 563 > > acl Safe_ports port 80 21 443 563 70 210 1025-65535 > > acl Safe_ports port 280 # http-mgmt > > acl Safe_ports port 488 # gss-http > > acl Safe_ports port 591 # filemaker > > acl Safe_ports port 777 # multiling http > > acl CONNECT method CONNECT > > > > # My acls > > acl This_One src 169.158.120.179/255.255.255.255 > > acl LAN src 192.168.1.1/255.255.255.0 > > #Default configuration: > > > > http_access allow manager localhost > > http_access deny manager > > http_access deny !Safe_ports > > > > http_access allow This_One > > http_access allow LAN > > http_access deny all > > ____________________________________________________ > > > > and there is the ipfw rules > > > > 00050 fwd 169.158.120.179,3128 tcp from 192.168.1.0/24 80 to any > > shouldn't that be: > > 00050 fwd 169.158.120.179,3128 tcp from 192.168.1.0/24 to any 80 > > 80 is the destination port... > > > 00100 allow ip from any to any via lo0 > > 00200 deny ip from any to 127.0.0.0/8 > > 65000 allow ip from any to any > > 65535 deny ip from any to any > > > > My kernel have been compiled whith > > ________________________________________________ > > options IPFIREWALL > > options IPFIREWALL_VERBOSE > > options IPFIREWALL_FORWARD > > options IPDIVERT > > _________________________________________________ > > > > so i think everything is ok, but nothing works. > > i was wondering if the squid that cames with FreeBSD-4.2 distributions is > > compiled for transparent proxy? > > if that doesn't work ask me again. I have that constellation working > over here. Works really fine. > > Regards Jens Trzaska > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message