sean, you don't/shouldn't need transparent routing.
and read here: http://marc.theaimsgroup.com/?l=ipfilter&m=100067300431394&w=2 observe that ipnat will not rdr to 127.0.0.1 under solaris -- you need to use the address of the internal interface itself in the rdr directive. some additional clues can be culled from http://marc.theaimsgroup.com/?l=ipfilter&w=2&r=3&s=squid&q=b and e.g. http://marc.theaimsgroup.com/?l=ipfilter&m=99556298317482&w=2 http://marc.theaimsgroup.com/?l=ipfilter&m=99557349023708&w=2 http://marc.theaimsgroup.com/?l=ipfilter&m=99557783205895&w=2 http://marc.theaimsgroup.com/?l=ipfilter&m=99558069715328&w=2 http://marc.theaimsgroup.com/?l=ipfilter&m=97104421526433&w=2 jim Lazar, Sean wrote: > Hi, > > I have a Sun Netra X1, 400 Mhz Sparc, two network interfaces, dmfe0 > and dmfe1. I have a web proxy server running on it, and I have put the > following line in ipnat.conf: > > rdr dmfe0 0.0.0.0/0 port 80 -> 127.0.0.1 port 8002 tcp > > I'd like to configure this box to pass all traffic except for this > rule. I already have a firewall. Can my rdr rule be combined with a > Transparent Routing implementation? ( > http://coombs.anu.edu.au/ipfilter/examples.html#fastroute ) > > This box would sit in between my users and the inside leg of the firewall. > > Thanks in advance for any help. > > Sean Lazar > Network Technician > Pajaro Valley Unified School District > >
