On 2013-05-30 21:34, Loïc BLOT wrote:

Hello Rob,
I use OpenBSD and squid 3.3.4 in production environment, you'll exactly
what you need here:
http://www.unix-experience.fr/2013/create-a-powerfull-proxy-cache-with-squid-and-openbsd-2/#sthash.9SpWE1kn.dpbs [2]
Have a nice day

Thanks -- that looks like a good guide, and I wish I'd found it before the other one.

However: it looks like your guide was written for a physical squid server separate from a physical firewall, and other than that, I can't find a significant difference between the configuration in your guide and my problematic configuration.

Maybe there's some kind of routing issue with doing an rdr on a machine running both the firewall and the proxy functions?

...hmm. That might be it, actually. Since Squid is binding to the LAN interface, trying to rdr packets coming in on the LAN interface back to a service on the LAN interface won't work. I'll try setting http_port to one of the other interfaces and see if that changes anything.

Thanks,

- R.

Reply via email to