pf, bridging, transparent proxy, dual gateways?

Kurt Buff kurt.buff at gmail.com
Fri May 18 00:50:55 UTC 2007


All,

Wondering if the following scenario is at all rational/feasible:

[fw-a]-------
             |
             |
           [switch]---[freebsd]---[router]---[many subnets]
             |
             |
[fw-b]-------

Fw-a fronts our current T1, and that ties our other two offices
together with IPSec, and is our main inbound mail feed.

Fw-b is soon to be installed, and will front a new T1.

The lines are not bonded - they come from different vendors.

I'd like to forward all individual user traffic (HTTP/FTP/other) out
of the second T1, perhaps with the use of Squid/Frox, leaving our
intra-corporate traffic to go in/out the current T1, and also email.

Am I way off base, or is this worth the effort, and if so, how might I
set something like this up? Would it make sense to make squid/frox
transparent proxies, or use the virtual IP address? Docs are good - I
like to rtfm if I know which m to read.

I'm completely new to both pf and squid, but have installed several
other apps, including ntop and maia-mailguard, etc., on freebsd, so
have some base of knowledge.

Thanks,

Kurt

