On 2011-03-29 13:20, Indunil Jayasooriya wrote:
I've now installed Freebsd 8.2-RELEASE on new hardware and I'm using my
config from the 7.2 machine.
My problem is that squid is not working with transparency. The browser
traffic goes directly to the Internet.
If u r doing with PF, Can I have your pf rules?
I am doing squid 2.7.9 tranparent with OpenBSd 4.8.
These are my PF rules.
# filter rules
block in log
pass out log
pass in log on $int_if proto tcp from $lan_net to any port { 80 8080 } \
rdr-to 127.0.0.1 port 3128
in squid.conf file
http_port 3128 transparent
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
http_access allow localnet
This is my pf.conf that worked on the 7.2 system.
proxy_services = "{ 21, 80 }"
internal_net = "172.17.0.0/16"
proxy = "127.0.0.1"
rdr on $int_if inet proto tcp from $internal_net to any port
$proxy_services -> $proxy port 8080
block in log on $ext_if all
pass in log on $int_if inet proto tcp from $internal_net to $proxy port
8080 keep state
pass out log on $ext_if inet proto tcp from $proxy to any port
$proxy_services keep state
pass out
I'm trying to use your example but I get a syntax error when trying to
load. I'm aware of line feeds and have checked that there's none.
pass in log on $int_if proto tcp from $internal_net to any port
$proxy_services rdr -> $proxy port 8080
Thanks
/Leslie
