transparent proxy
jay at experts-exchange.com
jay at experts-exchange.com
Sun Jan 2 21:59:31 UTC 2011
>From studying squid rules, I found the following pf rule set. Does this do
something similar to what I'm after? I tried something like this but it
didn't help.
int_if="gem0"
ext_if="kue0"
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128
pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass out on $ext_if inet proto tcp from any to any port www keep state
http://www.benzedrine.cx/transquid.html
Thanks
> On 1/2/11 9:04 PM, jay at experts-exchange.com wrote:
>> Here I want :
>>
>> nn:nn:nn.nnnnnn IP 127.0.0.1.51791 > 192.168.103.2.80: Flags [S], ack
>> ...
>>
>> int_if="lo0"
>> ext_if="ed0"
>>
>> pass in on $int_if route-to ($int_if 127.0.0.1) from 192.168.103.1 keep
>> state
>>
>> But no good (it's not able to sync) :
>>
>
> How do things go when using synproxy in your pass rule ?
>
> Something like: pass in log on $int_if route-to ($int_if 127.0.0.1) from
> 192.168.103.1 synproxy state
>
>
More information about the freebsd-pf
mailing list