Anyone using squid and pf?

Leslie Jensen leslie at eskk.nu
Tue Nov 27 09:13:28 UTC 2012



Volodymyr Kostyrko wrote 2012-11-26 21:50:

>>
>> rdr pass proto tcp from any to any port ftp -> 127.0.0.1 port 8021
>>
>> # redirect www traffic to proxy
>> rdr on $int_if inet proto tcp from $internal_net to any port $proxy_services -> $proxy port 8080
>
> I could be wrong here but I think you have a loop. You are redirecting
> from local interface to local interface, i.e. the result of the redirect is
> still subject to redirect. Could you try one of the following:
>
> 1. Make this a `rdr in on $int_if`.
>
> 2. Make this a `rdr pass ... -> 127.0.0.1 port 8080`. I prefer this way
> so port for transparent forwarding is unreachable except when explicitly
> redirecting to it.
>
> Personally I never allow such ambiguity in my configs.
>

Thanks!

I'll try it out. I need to wait until tonight, the machine is in use at 
the moment.

#1 I see your point.

#2 this rule is for intended ftp traffic. That's why I'm sending to 
another port number.

/Leslie

