On 2/7/18 6:36 PM, Yuri wrote:
> Did you used ipfw NAT configuration on same box with squid?
Yes, my ipfw configuration is:
$cmd 00700 deny ip from any to any dst-port 3128 via em0
$cmd 00800 fwd 3128 tcp from 192.168.1.25 to any dst-port 80 via em0
$cmd 00820 allow ip from any to any dst-port
On 2/7/18 5:37 PM, Rafael Akchurin wrote:
> How is your network configured? Your rules indicate you have 2 nics but you
> later say you have one..
Originally, I started with 1 NIC (it's a VM), and added 2 more, because
I read that pf/ipfw can't rewrite ingress packets on the same interface
it
On 2/7/18 4:31 PM, Yuri wrote:
> I'm not seen your configuration options for squid. Not squid.conf. Just
> ./configure options.
Here's what I'm building with (from 'make config' in ports tree)
'--bindir=/usr/local/sbin'
'--build=amd64-portbld-freebsd11.1'
'--datadir=/usr/local/etc/squid'
On 02/07/2018 04:38 PM, Rafael Akchurin wrote:
> If you do not mind looking at other tutorials - these are what we have in the
> test lab.
> https://docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
I can confirm that the instructions in this tutorial results in the same
exact
On 02/07/2018 04:38 PM, Rafael Akchurin wrote:
> If you do not mind looking at other tutorials - these are what we have
in the test lab.
> https://docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
> https://docs.diladele.com/tutorials/policy_based_routing_squid/index.html
Thanks
On 02/07/2018 04:11 PM, setuid wrote:
> That router has a firewall script on it that says:
> ==
> #!/bin/sh
> PROXY_IP=192.168.2.25
Yes, this is a typo here in email but is correct in the router's
firewall script.
This should be either 192.168.2.20 or 192.16
I'll start with the pointedly easy stuff: Squid > 2.6 (tested 3.4, 3.5,
4.0 on Ubuntu Xenial, Debian Jessie, FreeSBD 11.1 using iptables, pf,
ipf, ipfilter) does not work at all, when configured as a transparent
proxy. Full stop.
I went through hundreds of posts on dozens of forums, blogs and
