I have an OpenBSD 4.0 firewall and I would like to redirect all outgoing HTTP requests to my squid web proxy.

INTERNET <---> $ext_if - OpenBSD - $int_if <---> Switch --- squid
                                                   |
                                                   |
                                                  LAN

-- from pf.conf ---
ext_if = "fxp0"
int_if = "fxp1"
squid = "10.0.0.2"
lan = "10.0.0.0/24"

rdr pass on $int_if proto tcp from any to any port 80 -> $squid port 8080
-- end ---

Is this rule correct? Or can redirected traffic not come back on the same interface? A long time ago the pfctl parser gave me errors about this; now it doesn't.

Should I get another NIC, put it in the OpenBSD firewall, and bridge it with squid, for example? What is the best solution?

Thank you in advance,
Dominik