ipfw - natd - squid - 3 Nic's - 1 FBSD 5.1 server and routing question

fbsdquestions at worldinternet.org fbsdquestions at worldinternet.org
Mon Aug 4 09:45:38 PDT 2003

Quoting Matthew Seaman <m.seaman at infracaninophile.co.uk>:

| On Mon, Aug 04, 2003 at 06:24:42AM -0700, fbsdquestions at worldinternet.org
| wrote:
| This sounds to me like a policy based routing problem -- googling for
| "policy based routing FreeBSD" in Google Groups should prove
| informative.
| However, the mechanism is basically the same as you've used to
| implement your transparent proxy.  All you need to do is insert
| another rule to trap the port 80 traffic coming out of Squid and send
| the packets to the next-hop gateway on your rl2 interface.  That
| presumably has it's default route set via the cable network.
| Something like:
|     00500 fwd tcp from me to any 80


Thanks, It seems to solve the problem.
| (assuming that is the router address in the cable
| companies' network.)  Since your Squid is already using a Cable
| Co. address as the source address on any outgoing packets this should
| cause all in- and out-going HTTP traffic to pass via the Cable
| Co. network.

Indeed they do.  Thanks again.



More information about the freebsd-questions mailing list