Dominik,

Internet----ext_if---BSD---int_if

int_if = default gateway for all PCs and the proxy?

If so, you have to redirect all the traffic to the proxy (you know that) and 
then only allow NAT on the BSD firewall from the proxy to any destination on 
port 80.

An example from my pf.conf:

proxy="170.157.20.3"
nat on $ext_if inet from $proxy to any -> $ext_if


I hope that your squid is working as you need it.

I hope this can help


Jorge Valbuena








-------- Original Message --------
Date: Thu, 21 Dec 2006 13:40:10 +0200
From: Dominik Zalewski <[EMAIL PROTECTED]>
To: misc@openbsd.org, pf@benzedrine.cx
Subject: Squid 2.6 transparent proxy with pf

> I have OpenBSD 4.0 firewall and I would like to redirect all outgoing http
> requests to my squid web proxy.
> 
> 
> 
> INTERNET <---> $ext_if - OpenBSD - $int_if <---> Switch --- squid
>                                                    |
>                                                    |
>                                                   LAN
> 
> 
> -- from pf.conf ---
> 
> ext_if  = "fxp0"
> int_if  = "fxp1"
> 
> squid = "10.0.0.2"
> lan     = "10.0.0.0/24"
> 
> rdr pass on $int_if proto tcp from any to any port 80 -> $squid port 8080
> 
> -- end ---
> 
> 
> Is this rule correct? Or can redirected traffic not come back on the same
> interface? A long time ago the pfctl parser gave me errors about this; now
> it doesn't.
> 
> Should I get another NIC, put it in the OpenBSD firewall and bridge it with
> squid, for example?
> 
> What is the best solution?
> 
> 
> Thank you in advance,
> 
>         Dominik 
> 
>                                                                           
>                
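
The restriction described in the reply (NAT only from the proxy, only to port 80), written out as a pf.conf fragment. This is an added example, not taken from either poster's configuration. It reuses the macros from the original message, uses the OpenBSD 4.0-era nat syntax seen in the thread, and assumes the block rule is merged into an existing filter ruleset.

```pf
# Added example, not from the thread. Macro values are from the original message.
ext_if = "fxp0"
int_if = "fxp1"
squid  = "10.0.0.2"
lan    = "10.0.0.0/24"

# Form posted in the reply: only the proxy is translated, but for every
# protocol and port it uses.
# nat on $ext_if inet from $squid to any -> $ext_if

# Form the reply's prose describes: translate only the proxy's TCP traffic
# to port 80. ($ext_if) in parentheses follows address changes on the interface.
nat on $ext_if inet proto tcp from $squid to any port 80 -> ($ext_if)

# A missing nat rule does not stop a packet; it only leaves it untranslated.
# Filtering sees addresses after translation, so this rule drops whatever
# still carries a LAN source address, including clients trying to bypass
# the proxy.
block out on $ext_if inet from $lan to any

# Assumption: the proxy resolves names through a resolver reachable without
# NAT. If it queries external DNS servers, that traffic needs its own nat rule.
```

Load with `pfctl -nf /etc/pf.conf` first to parse the ruleset without applying it.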
