IPFW, Nat and transparent proxy ( on different machines )
eculp at encontacto.net
eculp at encontacto.net
Fri Aug 1 11:39:58 PDT 2003
Mensaje citado por CPD - Equipe de Segurança <security at pucrs.br>:
|
| Dear gentleman,
|
|
| So far I've been running a FreeBSD 4.7 machine which runs NAT, IPFW and
| Squid , acting like a transparent proxy/cache , NAT box and packet
| filter/firewall.
|
| Now, the load is getting too heavy, so I'd like to use a second machine
| (with a second WAN link ) as a separate proxy for the HTTP traffic.
|
| Question is, how can I set up IPFW/NAT to send all the HTTTP ( port 80
| only ) traffic that comes on the internal interface ( 192.160.0.1 ) to the
| new proxy-only machine's internal interface ( 192.168.0.2), and still have
| the rest of the traffic flowing normally through the other gateway, which
| will now run only NAT and IPFW as firewall.
I would try something like:
00400 fwd 192.168.0.2,3128 tcp from 192.168.0.0/24 to any 80
and see what and what the logs say.
Good luck,
ed
|
| It's confusing somehow, I hope I managed to be clear enough.
|
| Thanks for any insight,
|
| - Alexandre
|
| _______________________________________________
| freebsd-ipfw at freebsd.org mailing list
| http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
| To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
|
--
-------------------------------------------------
More information about the freebsd-ipfw
mailing list