[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: http proxy and pf



hi David, Wednesday, March 12, 2003, 7:30:12 PM, you wrote:
DJ> ext_if = "de0"
DJ> honey_ip = "192.168.1.136"
DJ> squid_if  = "de2"
DJ> int_if = "de3"
DJ> lo_if = "lo0"
DJ> nat on de0 from 192.168.1.0/24 to any -> de0
DJ> rdr on de0 proto tcp from any to de0/32 port 80 -> 127.0.0.1 port 3128
           ^^^                       ^^^
This is my configuration... all works pretty fine.
OpenBSD 3.2-STABLE/i386 (GENERIC)
Squid Cache: Version 2.5.STABLE1-20030212
configure options:  --prefix=/usr/local/squid --enable-pf-transparent
some bits from /etc/pf.conf:
users="{ 192.168.5.2/32, 192.168.5.5/32, 192.168.5.6/32, \
         192.168.5.7/32, 192.168.5.8/32, 192.168.5.9/32, \
         bunch_of_internal_ip's }"
ext_if="fxp0"
int_if="fxp1"
ext_ip="81.211.39.xyz"
int_ip="192.168.5.1"
nat on $ext_if from $users to any -> $ext_ip
rdr on $int_if proto tcp from $users to ! $int_ip port www ->
127.0.0.1 port 3128