Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 27 Nov 2012 18:54:34 +0100
From:      Leslie Jensen <leslie@eskk.nu>
To:        Doug Sampson <dougs@dawnsign.com>
Cc:        freebsd questions list <freebsd-questions@freebsd.org>
Subject:   Re: Anyone using squid and pf?
Message-ID:  <50B4FE5A.8060108@eskk.nu>
In-Reply-To: <E6B2517F8D6DBF4CABB8F38ACA367E782A5D6ABC@Draco.dawnsign.com>
References:  <50B0EA28.7060904@eskk.nu> <50B338B2.3090600@gmail.com> <50B3B788.6040801@eskk.nu> <E6B2517F8D6DBF4CABB8F38ACA367E782A5D6ABC@Draco.dawnsign.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


Doug Sampson skrev 2012-11-27 18:34:
> [...]
>
>> Rules from pf.conf
>>
>> --------------------------------------------
>> # macros
>> ext_if="xl0"
>> int_if="bge0"
>>
>> tcp_services="{ 22, 993, 5910:5917 }"
>> tcp_priv_services="{ 389, 443 }"
>> proxy_services = "{ 21, 80 }"
>> icmp_types="{ echoreq unreach squench timex }"
>> internal_net = "172.18.0.0/16"
>> proxy = "172.18.0.1"
>> proxyport="8021"
>         ^
> No whitespace here
>
>>
>> # tables
>> table <goodguys> persist
>> table <sshguard> persist
>>
>> # options
>> set block-policy return     # ports are closed but can be seen
>> set loginterface $ext_if
>>
>> set skip on lo0
>>
>> # scrub
>> scrub in
>>
>> rdr pass proto tcp from any to any port ftp -> 127.0.0.1 port 8021
>>
>> # redirect www trafic to proxy
>> rdr on $int_if inet proto tcp from $internal_net to any port
>> $proxy_services -> $proxy port 8080
>                             ^
> Whitespace here. Maybe that's the issue here?
>
>> # ext_if IP address could be dynamic, hence ($ext_if)
>> nat on $ext_if from !($ext_if) to any -> ($ext_if)
>
> [...]
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>

Thanks!

No if you see I have a $proxy and a $proxyport (I shall rename this one. 
It's confusing, I know)

So the whitespace is not the problem.

/Leslie

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50B4FE5A.8060108>