Using IPFW to bypass hotmail.com
Tek Bahadur Limbu
teklimbu at wlink.com.np
Wed Jan 10 07:35:40 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 9 Jan 2007 15:28:44 +0100 (CET)
Oliver Fromme <olli at lurza.secnetix.de> wrote:
> Tek Bahadur Limbu wrote:
> > I run a transparent squid proxy using IPFW below:
> >
> > ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via
> > bge0
>
> That's not the rule for transparent proxying. For that you
> need a "forward" (or "fwd") rule, not an "allow" rule.
> (Of course, the "allow" rule above might still be needed,
> but it's not the one that actually enables the transparent
> proxying).
>
> > Now I want the IP: 192.168.55.22 to bypass Squid when requesting
> > www.hotmail.com.
> >
> > How do I go about doing this using IPFW? Can somebody shed some
> > light on this issue?
>
> Simply add an "allow" rule for that IP, and place it
> _before_ the "forward" (or "fwd") rule in your rule set:
>
> allow tcp from 192.168.55.22 to www.hotmail.com
>
> Note that the hostname is not resolved dynamically, but
> at the time the rule is added to teh rule set.
>
> Best regards
> Oliver
>
> --
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
> Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
> Any opinions expressed in this message may be personal to the author
> and may not necessarily reflect the opinions of secnetix in any way.
>
> "To this day, many C programmers believe that 'strong typing'
> just means pounding extra hard on the keyboard."
> -- Peter van der Linden
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
Dear Oliver Fromme,
Thanks for your input. I really appreciate it. I have rechecked my
firewall and I do have the following rule:
$IPFW add fwd 127.0.0.1,3128 tcp from any to any 80 in
I have place your rule on top of the above rules like this:
ipfw -q allow tcp from 192.168.55.22 to www.hotmail.com
ipfw -a add fwd 127.0.0.1,3128 tcp from any to any 80 in
ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via bge0
Are the above rules correct ?
Once again, thanks alot.
--
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
(TAG/TDG Group)
Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)
iD8DBQFFpJc4VrOl+eVhOvYRAigpAJ9WDSsy7CsXtCI9qKwXLqsujnmHXQCcDstb
wwjEiMWm0P280aBFuhDsq+0=
=Vcsn
-----END PGP SIGNATURE-----
More information about the freebsd-questions
mailing list