Using IPFW to bypass hotmail.com

Oliver Fromme olli at lurza.secnetix.de
Tue Jan 9 14:28:52 UTC 2007


Tek Bahadur Limbu wrote:
 > I run a transparent squid proxy using IPFW below:
 > 
 > ipfw -q add allow tcp  from 192.168.55.0/24 to any  3128 in via bge0

That's not the rule for transparent proxying.  For that you
need a "forward" (or "fwd") rule, not an "allow" rule.
(Of course, the "allow" rule above might still be needed,
but it's not the one that actually enables the transparent
proxying).

 > Now I want the IP: 192.168.55.22 to bypass Squid when requesting
 > www.hotmail.com.
 > 
 > How do I go about doing this using IPFW? Can somebody shed some light
 > on this issue?

Simply add an "allow" rule for that IP, and place it
_before_ the "forward" (or "fwd") rule in your rule set:

allow tcp from 192.168.55.22 to www.hotmail.com

Note that the hostname is not resolved dynamically, but
at the time the rule is added to teh rule set.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"To this day, many C programmers believe that 'strong typing'
just means pounding extra hard on the keyboard."
        -- Peter van der Linden


More information about the freebsd-questions mailing list