From owner-freebsd-pf@FreeBSD.ORG Fri Dec 19 13:21:45 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AC3691065673 for ; Fri, 19 Dec 2008 13:21:45 +0000 (UTC) (envelope-from leslie@eskk.nu) Received: from mx1.bjare.net (mx1.bjare.net [212.31.160.3]) by mx1.freebsd.org (Postfix) with ESMTP id 6C3A38FC1C for ; Fri, 19 Dec 2008 13:21:45 +0000 (UTC) (envelope-from leslie@eskk.nu) Received: from localhost (localhost [127.0.0.1]) by mx1.bjare.net (Postfix) with ESMTP id 571794B2006 for ; Fri, 19 Dec 2008 14:21:44 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at mx1.bjare.net X-Spam-Flag: NO X-Spam-Score: 2.37 X-Spam-Level: ** X-Spam-Status: No, score=2.37 tagged_above=-999 required=5 tests=[AWL=-0.798, HELO_LH_HOME=3.169, SPF_PASS=-0.001] Received: from mx1.bjare.net ([127.0.0.1]) by localhost (mx1.bjare.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Ga8fwkJkJojP for ; Fri, 19 Dec 2008 14:21:41 +0100 (CET) X-BN-MX1: ja X-BN-MailInfo: BjareNet Received: from bljbsd01.homenet.home (c-195-216-040-164.static.bjare.net [195.216.40.164]) by mx1.bjare.net (Postfix) with ESMTP id D467B4B2005 for ; Fri, 19 Dec 2008 14:21:41 +0100 (CET) Message-ID: <494B9FE5.6070501@eskk.nu> Date: Fri, 19 Dec 2008 14:21:41 +0100 From: Leslie Jensen User-Agent: Thunderbird 2.0.0.18 (X11/20081125) MIME-Version: 1.0 To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: clientNatLookup: PF open failed: (13) Permission denied X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Dec 2008 13:21:45 -0000 I've tried the squid users mail list but I try here. I'm aware that this list is not a squid list, but with it beeing PF I hope someone has a suggestion how to fix my problem. I'm not sure if I want to change the rights on /dev/pf that's why I'm asking. I'm running Squid-3.0.10 on FreeBSD 7.0-RELEASE-p4 with PF. I've noticed that in cache.log are a lot of entries as the one below clientNatLookup: PF open failed: (13) Permission denied I've found some information on the problem via Google. One is "start Squid as root". Squid is started via rc.conf so I think that is sorted. There is a concern about rights on /dev/pf Finally there's some advice ---- snip---- If you are performing any kind of transparent interception with squid you will need one of the --*-transparent options. Without it squid will fail to correctly spoof the clients IP. ----- snip ---- I do not fully understand where the "--*-transparent options" are to be found. And if it's the solution to the problem. Will someone Please enlighten me? Thank you /Leslie