Date:      Thu, 14 Feb 2002 18:43:02 -0500 (EST)
From:      "C J Michaels" <cjm2@earthling.net>
To:        <budsan02@bdg.centrin.net.id>
Cc:        <freebsd-questions@freebsd.org>, <dwcjr@inethouston.net>
Subject:   Re: Transparant proxy
Message-ID:  <1096.10.0.0.254.1013730182.squirrel@mail.lan.27in.tv>
In-Reply-To: <20020214162842.GA19623@leviathan.inethouston.net>
References:  <20020214162842.GA19623@leviathan.inethouston.net>

[This belongs on -questions not -stable]

Some time in the recent past David W. Chapman Jr. scribbled:
> On Thu, Feb 14, 2002 at 09:21:53PM +0700, budsz wrote:
>> Hi,
>>
>> I was trying to enable transparent proxy on my FreeBSD box, so I have
>> done the following:
>> ${fwcmd} add 3001 allow tcp from 192.168.0.88 to any
>> ${fwcmd} add 3002 fwd 127.0.0.1,7080 tcp from any to any 80
>> ${fwcmd} add 3003 fwd 192.168.0.88/32,7080 tcp from any to any 80
>>
>> in /etc/rc.firewall, but I think this is useful because my clients
>> without proxy can browse. How do I do transparent proxy in
>> FreeBSD?
>>
>>
> If you would be interested in trying ipnat, transparent proxying
> works great.

Transparent proxying works great with ipfw too.  We need more information
than is currently being provided in this posting to properly troubleshoot.

1. What's happening?
2. Are you running squid? or what particular proxy software are you using?
3. Does the proxy work when the browser is configured to use the proxy
directly (not transparent) and the above firewall rules are not
implemented?
4. What firewall type is configured in /etc/rc.conf, and where in said
file are the above listed ipfw rules?

I think your forward rules are too broad.  You are forwarding any traffic
destined for port 80 to the transparent proxy, no matter what.

Assuming your network is 192.168.0.0/24 try this rule...

add 3002 fwd 192.168.0.88,7080 tcp from 192.168.0.0/24 to any 80


>
>
> --
> David W. Chapman Jr.
> dwcjr@inethouston.net	Raintree Network Services, Inc.
> <www.inethouston.net> dwcjr@freebsd.org	FreeBSD Committer
> <www.FreeBSD.org>


-- 
Chris

"I'll defend to the death your right to say that, but I never said I'd
listen to it!"
     -- Tom Galloway with apologies to Voltaire

http://gamershq.madonion.com/compare2k1.shtml?2648972
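
A small first-match model of the rules discussed in this thread, added here as an illustration and not part of either poster's message. It assumes ipfw's documented behaviour that rule search stops at the first matching allow or fwd rule, compares only source address and destination port, and uses constructed probe packets.

```python
import ipaddress

# Rules as (number, action, source spec, destination port or None for any).
# Destination address is "any" in every rule in the thread, so it is omitted.
ORIGINAL = [
    (3001, "allow", "192.168.0.88", None),
    (3002, "fwd 127.0.0.1,7080", "any", 80),
    (3003, "fwd 192.168.0.88/32,7080", "any", 80),
]
SCOPED = [
    (3001, "allow", "192.168.0.88", None),
    (3002, "fwd 192.168.0.88,7080", "192.168.0.0/24", 80),
]

def src_matches(spec, src):
    """True if src falls inside the rule's source spec ("any", host or CIDR)."""
    if spec == "any":
        return True
    return ipaddress.ip_address(src) in ipaddress.ip_network(spec)

def evaluate(rules, src, dst_port):
    """Return (rule number, action) of the first matching rule, else None."""
    for number, action, src_spec, port in sorted(rules):
        if src_matches(src_spec, src) and port in (None, dst_port):
            return number, action
    return None  # would fall through to later rules in the real rule set

def unreachable(rules, probes):
    """Rule numbers that none of the probe packets ever reaches."""
    hit = {evaluate(rules, s, p)[0] for s, p in probes if evaluate(rules, s, p)}
    return sorted(n for n, *_ in rules if n not in hit)

# Constructed probe packets: (source address, destination port).
PROBES = [
    ("192.168.0.88", 80),   # the exempted host fetching pages itself
    ("192.168.0.20", 80),   # a LAN client browsing
    ("192.168.0.20", 443),  # LAN client, port other than 80
    ("203.0.113.9", 80),    # source outside 192.168.0.0/24 (documentation range)
]

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("scoped", SCOPED)):
        for src, port in PROBES:
            print(name, src, port, "->", evaluate(rules, src, port))
        print(name, "rules never reached:", unreachable(rules, PROBES))
```

In the original set, rule 3002 matches every port-80 packet from any source, so rule 3003 is never evaluated; with the scoped rule only LAN sources are forwarded.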
