Anyone using squid and pf?
Leslie Jensen
leslie at eskk.nu
Tue Nov 27 17:54:28 UTC 2012
Doug Sampson skrev 2012-11-27 18:34:
> [...]
>
>> Rules from pf.conf
>>
>> --------------------------------------------
>> # macros
>> ext_if="xl0"
>> int_if="bge0"
>>
>> tcp_services="{ 22, 993, 5910:5917 }"
>> tcp_priv_services="{ 389, 443 }"
>> proxy_services = "{ 21, 80 }"
>> icmp_types="{ echoreq unreach squench timex }"
>> internal_net = "172.18.0.0/16"
>> proxy = "172.18.0.1"
>> proxyport="8021"
> ^
> No whitespace here
>
>>
>> # tables
>> table <goodguys> persist
>> table <sshguard> persist
>>
>> # options
>> set block-policy return # ports are closed but can be seen
>> set loginterface $ext_if
>>
>> set skip on lo0
>>
>> # scrub
>> scrub in
>>
>> rdr pass proto tcp from any to any port ftp -> 127.0.0.1 port 8021
>>
>> # redirect www trafic to proxy
>> rdr on $int_if inet proto tcp from $internal_net to any port
>> $proxy_services -> $proxy port 8080
> ^
> Whitespace here. Maybe that's the issue here?
>
>> # ext_if IP address could be dynamic, hence ($ext_if)
>> nat on $ext_if from !($ext_if) to any -> ($ext_if)
>
> [...]
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
Thanks!
No if you see I have a $proxy and a $proxyport (I shall rename this one.
It's confusing, I know)
So the whitespace is not the problem.
/Leslie
More information about the freebsd-questions
mailing list