Filter connections based on the hostname.
atar
atar.yosef at gmail.com
Thu Jun 16 11:39:05 UTC 2016
> atar wrote on 06/16/2016 09:15:
>
> [...]
>
>>> www.google.com DNS TTLs are 5 minutes so you shouldn't have to worry
>>> about the IP changing in less then a minute UNLESS your PF firewall
>>> and your browser use different DNS servers and could therefore get
>>> different answers
>>>
>>> Regards,
>>>
>>> Gary
>>
>> Can you give me any hint how to cause PF to redirect all the traffic through the squid proxy? I'm pretty new in them both (PF and squid).
>
> You can find basic config here
> http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdPf
>
> Squid can be installed from ports / packages
> http://www.freshports.org/www/squid/
>
> Miroslav Lachman
Hi and thanks for your willing to help.
Unfortunately, I didn't succeed to redirect the network traffic through the squid server.
I've putted the following line in my pf.conf:
rdr pass inet proto tcp from any to any -> 127.0.0.1 port 3128
since the squid server is listening on port 3128, but the traffic isn't going through it.
I've also verified that no traffic is redirected to port 3128 by running the command: nc -l 3128.
I've no idea what is wrong here.
More information about the freebsd-pf
mailing list