ipfw + squid
doron at home.crc.co.za
Thu Jun 12 14:34:22 PDT 2003
This rule works for
00050 7660668 803774726 fwd 127.0.0.1,3128 tcp from any to any 80
what I would suggest is go to www.squid-cache.org and under the FAQ the have
transparent caching with Freebsd. Follow it step by step it works 100%.
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of Bill Moran
Sent: 12 June 2003 08:40 PM
To: Kliment Andreev
Cc: freebsd-questions at freebsd.org
Subject: Re: ipfw + squid
Kliment Andreev wrote:
> I have ipfw + squid (ext NIC: fxp0, int NIC: dc0). Squid is listening on
> port 3128.
> Using ipfilter I will do
> rdr dc0 0/0 port 80 -> 127.0.0.1 port 3128 tcp
> How can I do this in ipfw
> 00050 36764 12234591 divert 8668 ip from any to any via fxp0
> ---->>>>>> 00060 0 0 divert 80 tcp from any to any 3128
> 00100 4732 13839892 allow ip from any to any via lo0
> 00200 0 0 deny ip from any to 127.0.0.0/8
> 00300 0 0 deny ip from 127.0.0.0/8 to any
> 65000 53018 18345167 allow ip from any to any
> 65535 1 328 allow ip from any to any
> Line 60 doesn't seem to work for me.
You don't do it with an IPFW rule, you need to pass instructions to
The canonical way to do this is in /etc/rc.conf. Add a line like:
natd_flags="-redirect_port tcp 127.0.0.1:80 3128"
If you already have a natd_flags= line in rc.conf, just add that
to it. Also read the man page on natd for more details.
freebsd-questions at freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions