On Fri, Feb 13, 2004 at 07:07:04PM -0700, j knight wrote:
>
> It sounds to me like he's setup his clients to use squid but has now
> decided to ditch squid. He wants to do trickery with pf so that he
> doesn't have to go around again to each client and remove the proxy
> settings.
ahh!; yes,
jared r r spiegel wrote:
On Fri, Feb 13, 2004 at 03:17:08PM -0600, Brent Bolin wrote:
Without going around and changing all the workstations from using the proxy,
is there a way I can redirect lan connections to the firewall to port 3128
to the net on port 80.
man 5 pf.conf ?
rdr on $int_if
On Fri, Feb 13, 2004 at 03:17:08PM -0600, Brent Bolin wrote:
>
> Without going around and changing all the workstations from using the proxy,
> is there a way I can redirect lan connections to the firewall to port 3128
> to the net on port 80.
man 5 pf.conf ?
rdr on $int_if inet proto tcp from
Hello,
Never was able to get squid running on the firewall. Setup firewall to use
round-robin direct connections.
Without going around and changing all the workstations from using the proxy,
is there a way I can redirect lan connections to the firewall to port 3128
to the net on port 80.
Gotcha, I guess I learn something new everyday.
So the danger is really running and layer 2 daemon on the same interface as pf
and trying to filter it. I guess this would serve as a solution for the time
being, I'll tell dhcpd to not listen on rl1, and then:
rdr on rl1 proto udp from any to 1
On Fri, Feb 13, 2004 at 01:55:07AM -0800, Jason wrote:
> I see, so if dhcpd and pf weren't sharing the same interface, then I wouldn't
> have this problem.
>
> I guess limiting dhcpd wouldn't be the best thing, but improving pf. Is
> anyone working on adding such a feature to pf to make it bloc
On Fri, Feb 13, 2004 at 01:55:07AM -0800, Jason wrote:
> I guess limiting dhcpd wouldn't be the best thing, but improving pf. Is
> anyone working on adding such a feature to pf to make it block these kinds of
> requests? Seems like it'd be helpful. Otherwise, seems like that's somewhat
> of
I see, so if dhcpd and pf weren't sharing the same interface, then I wouldn't
have this problem.
I guess limiting dhcpd wouldn't be the best thing, but improving pf. Is
anyone working on adding such a feature to pf to make it block these kinds of
requests? Seems like it'd be helpful. Otherwi
On Thu, Feb 12, 2004 at 10:36:27PM -0800, Jason wrote:
> Hi,
>
> I'm new to the list, and fairly new to OpenBSD (installed maybe 6 months ago).
> Anyway, I have a question. Is there anywhere to get PF to stop arp requests
> from passing through it? The problem I'm having is dhcp requests from
