On Mon, Jul 09, 2012 at 06:31:55PM -0700, Hao Bryan Cheng wrote: > Is there a rule in pf that behaves similarly to ipfw's fwd rule? I have > heard mentions of a divert-to rule, but I was unsuccessful in finding any > official documentation on the subject anywhere online.
No, there's no generic rule in pf to solve this for every proxy, but there is a solution for squid specifically: When you build the Squid port (www/squid) there is an option [ ] SQUID_PF Enable transparent proxying with PF This enables a function specifically to deal with your case: when squid, listening on 127.0.0.1:3128, receives a connection rdr'd by pf src original dst rewritten dst 10.1.2.3:61234 -> 62.65.1.2:80 -> 127.0.0.1:3128 squid will use a pf-specific ioctl() call to figure out the original destination, and use it for url_rewrite, too, AFAIK. HTH, Daniel _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
