FreeBSD Tansparent Proxy with ipfw & natd

Edwin Culp eculp at viviendaatualcance.com.mx
Sun Mar 28 05:04:58 PST 2004


Quoting whizkid at ValueDJ.com:

> I have seen lots of pages on google on how to setup Squid as a Transparent
> Proxy server on FreeBSD.  However most of these refer to 4.9 stable, using
> IPTables.  I am currently using natd and ipfw.  Here are my Firewall rules

< SHORTEN A BIT >

> how would I set it so all incoming packets from xl0 would get redirected
> to port 8080 for the proxy server.  I want to setup DansGuardian for
> content filtering and I don't want the people who will be using my network
> to find a way around disabling the Proxy in the browser.

I would try something like the following that should be
around 6001 before nating.

add 6001 fwd 127.0.0.1,8080 tcp from 192.168.1.0/24 to any
80

I have a rule before the allows port 80 access for "me" to
not use squid for our local intranet traffic and I have a
forward rule after the above but before nating to send the
squid request out through an interface that is not the
default route to a second ISP that is just for squid
traffic, then I nat.

YMMV, good luck,

ed
>
> Anyone have any ideas?
>
> Thanks for your help
>
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"




More information about the freebsd-ipfw mailing list