Btw I had a typo in my ruleset there isn't spose to be /27 in the individual
ip rules should be /32
rdr fxp0 205.23.1.37/27 port 80 -> 205.23.1.37 port 80
rdr fxp0 205.23.1.37/32 port 80 -> 205.23.1.37 port 80
^^
I must of left it like that during testing, and oh man did it blow the minds
of everyone in the office trying to connect to a specific web site on a
webserver just to go to a completely different web site on one of the other
web servers in the same ip range :)
Also does any one know about forcing ftp transfers through a proxy, so to
have a transparent ftp proxy?
----- Original Message -----
From: Leigh V
To: [EMAIL PROTECTED]
Sent: Tuesday, August 13, 2002 12:30 PM
Subject: Ideal rdr rules?
I am running a transparent proxy on a remote machine for an office using rdr
rules which is working great. The cacheless transparent proxy is tinyproxy
1.5.1, older versions didn't support transparent mode. The reason this proxy
is setup make our web usage go through our 205.23.1.32/27 network which is
cheaper then going straight out onto the internet.
The Nat machine with these rules is on another network 210.23.55.0/24
The only problem I have is that I would like any port 80 connect attempts
going to 205.23.1.32/27 network to go directly to these machines and not
bother going through the transparent proxy on 205.23.1.50
To get around the problem I just added a rule for each machine I wanted to
connect directly, like "rdr fxp0 205.23.1.44/27 port 80 -> 205.23.1.44 port
80"
Is this OK? or is there a better method to do this? like some general
network range rule like this with a /27 (which I tried and failed to no
surprise :) rdr fxp0 205.23.1.32/27 port 80 -> 205.23.1.32/27 port 80"
map fxp1 172.17.168.0/24 -> 0/32 proxy port ftp ftp/tcp
map fxp1 172.17.168.0/24 -> 0/32 portmap tcp/udp auto
map fxp1 172.17.168.0/24 -> 0/32
rdr fxp0 205.23.1.37/27 port 80 -> 205.23.1.37 port 80
rdr fxp0 205.23.1.39/27 port 80 -> 205.23.1.39 port 80
rdr fxp0 205.23.1.40/27 port 80 -> 205.23.1.40 port 80
rdr fxp0 205.23.1.41/27 port 80 -> 205.23.1.41 port 80
rdr fxp0 205.23.1.42/27 port 80 -> 205.23.1.42 port 80
rdr fxp0 205.23.1.43/27 port 80 -> 205.23.1.43 port 80
rdr fxp0 205.23.1.44/27 port 80 -> 205.23.1.44 port 80
rdr fxp0 205.23.1.50/27 port 80 -> 205.23.1.50 port 80
rdr fxp0 205.23.1.52/27 port 80 -> 205.23.1.52 port 80
rdr fxp0 205.23.1.53/27 port 80 -> 205.23.1.53 port 80
rdr fxp0 205.23.1.54/27 port 80 -> 205.23.1.54 port 80
rdr fxp0 205.23.1.55/27 port 80 -> 205.23.1.55 port 80
rdr fxp0 205.23.1.59/27 port 80 -> 205.23.1.59 port 80
rdr fxp0 205.23.1.62/27 port 80 -> 205.23.1.62 port 80
rdr fxp0 210.23.55.71/27 port 80 -> 210.23.55.71 port 80
rdr fxp0 0.0.0.0/0 port 80 -> 205.23.1.50 port 8080
