Squid proxy 2.6 with FreeBSD 6.2

Andrew Pantyukhin infofarmer at FreeBSD.org
Tue Sep 11 11:55:29 PDT 2007


On Tue, Sep 11, 2007 at 05:23:28PM +0600, Anwarul Mamun wrote:
> Hi All!
> 
> I have a Linux gateway server (using iptables on it) which my clients hit
> first. I want to direct the HTTP traffic to the proxy server based on
> FreeBSD (I mean transparent proxy). I am using FreeBSD 6.2 and Squid proxy
> 2.6. I have directed the HTTP traffic from my Linux gateway server to the
> proxy server on FreeBSD as below, but the transparent proxying does not
> work. Has anyone worked on transparent proxy issues with FreeBSD 6.2
> who could suggest something in this case?
> 
> 
> /sbin/iptables -t nat -A PREROUTING -s 192.168.40.0/24 -p tcp --dport 80 -j DNAT --to 172.16.3.1:8080
> /sbin/iptables -t nat -A PREROUTING -s 192.168.40.0/24 -p tcp --dport 8080 -j DNAT --to 172.16.3.1:8080

Assuming your squid config is right, you should stop modifying
packets (with little knowledge of iptables, I think -j DNAT --to
... does that). If you manage to reroute unmodified packets to
the FreeBSD box, you'll need something like this to set up its
ipfw:

$cmd add 100 fwd 127.0.0.1,3128\
  proto tcp src-ip $lan_local not src-ip me not dst-ip me\
  dst-port $http_ports
$cmd add 200 allow via lo0
$cmd add 500 deny dst-ip me dst-port 3128 not src-ip $lan_local
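
The setup suggested in the reply, written out as an added example that is not part of the original thread. The addresses come from the question and the ipfw rules from the reply; the Linux policy-routing commands (mark and route instead of DNAT), the `80,8080` port list, the `run` variable and the helper names are assumptions, and the proxy is assumed to be directly reachable from the gateway.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: commands are printed.
# To apply: run="" on the Linux gateway, cmd="ipfw -q" on the FreeBSD proxy.
run="${run-echo}"
cmd="${cmd-echo ipfw -q}"

lan_local="192.168.40.0/24"   # client network, from the question
proxy_ip="172.16.3.1"         # FreeBSD/Squid box, from the question
http_ports="80,8080"          # assumption: both ports the question redirected
squid_port="3128"             # Squid port used in the reply's rules

# Linux gateway (assumption): mark client web traffic and route it to the
# proxy as its next hop, so the destination address is left unmodified.
gateway_rules() {
  $run iptables -t mangle -A PREROUTING -s "$lan_local" -p tcp \
    -m multiport --dports "$http_ports" -j MARK --set-mark 1
  $run ip rule add fwmark 1 table 100
  $run ip route add default via "$proxy_ip" table 100
}

# FreeBSD proxy: the reply's three rules with the variables filled in.
# FreeBSD 6.x needs "options IPFIREWALL_FORWARD" in the kernel for fwd.
proxy_rules() {
  $cmd add 100 fwd "127.0.0.1,$squid_port" \
    proto tcp src-ip "$lan_local" not src-ip me not dst-ip me \
    dst-port "$http_ports"
  $cmd add 200 allow via lo0
  # Keep hosts outside the LAN from using the box as an open proxy.
  $cmd add 500 deny dst-ip me dst-port "$squid_port" not src-ip "$lan_local"
}

# Returns 0 if iptables-save output on stdin still rewrites traffic to the proxy.
has_dnat_to_proxy() {
  ip_re=$(printf '%s' "$proxy_ip" | sed 's/\./\\./g')
  grep -Eq -- "-j DNAT --to-destination ${ip_re}(:[0-9]+)?( |\$)"
}

# Constructed sample: the question's first rule as iptables-save would print it.
sample_old_rules='-A PREROUTING -s 192.168.40.0/24 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.3.1:8080'

gateway_rules
proxy_rules
```

On the gateway, `iptables-save -t nat | has_dnat_to_proxy` succeeding means the old DNAT rules are still loaded and packets still reach the proxy rewritten.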

