Re: [squid-users] Problems with transparancy and pf

From: Leslie Jensen <leslie_at_eskk.nu>
Date: Tue, 29 Mar 2011 13:53:08 +0200

On 2011-03-29 13:20, Indunil Jayasooriya wrote:
>> I've now installed FreeBSD 8.2-RELEASE on new hardware and I'm using my
>> config from the 7.2 machine.
>>
>> My problem is that squid is not working with transparency. The browser
>> traffic goes directly to the Internet.
>>
>
> If you are doing it with PF, can I have your pf rules?
>
> I am doing squid 2.7.9 transparent with OpenBSD 4.8.
>
>
> These are my PF rules.
>
>
> # filter rules
> block in log
> pass out log
>
>
> pass in log on $int_if proto tcp from $lan_net to any port { 80 8080 } \
> rdr-to 127.0.0.1 port 3128
>
>
> in squid.conf file
>
> http_port 3128 transparent
>
>
> acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
> acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>
> http_access allow localnet
>
>
>
>
This is my pf.conf that worked on the 7.2 system.

proxy_services = "{ 21, 80 }"
internal_net = "172.17.0.0/16"
proxy = "127.0.0.1"

rdr on $int_if inet proto tcp from $internal_net to any port $proxy_services -> $proxy port 8080

block in log on $ext_if all

pass in log on $int_if inet proto tcp from $internal_net to $proxy port 8080 keep state

pass out log on $ext_if inet proto tcp from $proxy to any port $proxy_services keep state

pass out

I'm trying to use your example but I get a syntax error when trying to
load it. I'm aware of line feeds and have checked that there are none.

pass in log on $int_if proto tcp from $internal_net to any port $proxy_services rdr -> $proxy port 8080

Thanks

/Leslie
Received on Tue Mar 29 2011 - 11:53:13 MDT
