freebsd + squid + pf problem

he ccjj heccjj1 at gmail.com
Fri Mar 30 09:44:58 UTC 2007


I use freebsd + squid + pf to set up a transparent proxy box.
my /etc/pf.conf:
ext_if="{fxp0}"
int_if="{em0}"
int_net="{192.168.100.254/16}"

icmp_types="echoreq"

set block-policy return
set optimization aggressive
set skip on lo0

scrub in

nat on $ext_if from $int_net to any -> $ext_if
rdr pass on $int_if inet proto tcp from $int_net to any port http -> 127.0.0.1 port 8080

antispoof quick for $ext_if inet

pass in on $ext_if keep state
pass out on $ext_if keep state
pass in on $int_if keep state
pass out on $int_if keep state

main parts of my /usr/local/etc/squid/squid.conf:

http_port localhost:8080 transparent
visible_hostname proxy
acl all src 0.0.0.0/0.0.0.0
......
http_access allow all
http_reply_access allow all
icp_access allow all
miss_access allow all
always_direct allow all

Now I restart pf and squid, and I can visit web sites from clients. But I
can't use some p2p programs, like
pplive (http://www.pplive.com/en/index.html). Why?

My squid version is 2.6; I tested under freebsd 6.1 and 6.2 (all after
portsnap fetch update and portupgrade -arR).


More information about the freebsd-questions mailing list