I have an OpenBSD 4.0 firewall and I would like to redirect all outgoing HTTP
requests to my squid web proxy.

INTERNET <---> $ext_if - OpenBSD - $int_if <---> Switch --- squid
                                                   |
                                                   |
                                                  LAN

-- from pf.conf ---
ext_if = "fxp0"
int_if = "fxp1"
squid = "10.0.0.2"
lan = "10.0.0.0/24"
rdr pass on $int_if proto tcp from any to any port 80 -> $squid port 8080
-- end ---

Is this rule correct? Or can redirected traffic not come back on the same
interface? A long time ago the pfctl parser gave me errors about this; now it
doesn't.

Should I get another NIC, put it in the OpenBSD firewall and bridge it with
squid, for example?

What is the best solution?

Thank you in advance,
Dominik