Need help with getting transparent proxy working across WAN
cbandage at msn.com
Mon Jul 17 12:48:22 UTC 2006
I have a FreeBSD transparent proxy working on local lan. Where the
has its gateway set to the proxy server's internal ip address. Everything
Problem is when I move my workstation from the local LAN where the proxy
server resides, on to the 10.4.0.0 network (this is across a WAN link),
transparent proxy stops working. It appears no web traffic is getting to the
proxy, and I'm not able to get to any web site. I am able to ping the proxy
server, and use the proxy if I utilize a pac file, and drop the IPFW rules.
I should also note that I have transparent proxy running under Debian using
iptables, across the WAN link, but want to move to FreeBSD. So I feel my
routers are set up correctly.
I suspect the problem is with my IPFW rules or NAT configuration but I'm not
Kernel was recompiled with:
ifconfig_xl0="inet x.x.x.x netmask 255.255.255.0"
ifconfig_xl1="inet x.x.x.x netmask 255.255.255.0"
CISCO router has the following configured
access-list 199 permit tcp 10.4.0.0 0.0.255.255 any eq www
access-list 199 deny ip any any
route-map redirect-proxy permit 10
match ip address 199
set ip next-hop <proxy server internal ip>
My IPFW rules:
ipfw -q flush
ipfw add divert natd all from not me to any via <outside interface>
ipfw add fwd 127.0.0.1:8000 tcp from any to any 80
Squid compiled with
header_access Via deny all
header_access X-Forwarded-For deny all
Thank you for taking the time to look. Any advice or troubleshooting tips
More information about the freebsd-questions