force all the network traffic through a proxy server.

Ataro ataro at protonmail.ch
Tue Jun 28 17:56:56 UTC 2016


Hi there,

I've set up a FreeBSD machine inside a VirtualBox machine and used IPFW to redirect all the requests to the internet through a squid proxy server running on the same machine on port 3128 in intercept mode (also known as transparent proxy mode).

The problem is that I need a way to identify the packets that originate from the squid server and let them pass out to the Internet, but all other packets must go through the squid server.

My IPFW rules look like the following:
ipfw -f flush
ipfw add 50 pass all from any to any via lo0
ipfw add 100 pass all from any to any proto udp
ipfw add 150 pass icmp from any to any
ipfw add 200 fwd 127.0.0.1,3128 tag 1111 tcp from me to any
ipfw add 250 pass all from 10.0.2.15 to any tagged 1111

Unfortunately, the packets that originate from the squid server are redirected back to itself and I can't find a way to allow them to pass out.

Does someone here have an idea?

Regards,

Ataro.
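
Added example, not part of the original post: rule 200 matches every TCP packet "from me", including the connections Squid itself opens, so one way to break the loop is a pass rule keyed on the owning user of the socket (ipfw's uid option) placed before the fwd rule. It assumes Squid runs as the local user "squid"; rules 50 to 150 are copied from the post, and the tag and rule 250 are left out because rule 190 does the exempting.

```shell
#!/bin/sh
# Dry run by default: prints the ipfw commands instead of running them.
# On the FreeBSD host, run with IPFW=/sbin/ipfw to load the rules.
IPFW="${IPFW:-echo ipfw}"

# Assumption: Squid runs as this local user; adjust to your installation.
SQUID_USER="${SQUID_USER:-squid}"

# Intercept listener from the post.
PROXY="127.0.0.1,3128"

load_rules() {
    $IPFW -f flush

    # Unchanged from the post: loopback, UDP and ICMP bypass the proxy.
    $IPFW add 50 pass all from any to any via lo0
    $IPFW add 100 pass all from any to any proto udp
    $IPFW add 150 pass icmp from any to any

    # Added rule: outbound TCP whose socket is owned by the Squid user
    # leaves directly. ipfw stops at the first matching rule, so this
    # must have a lower number than the fwd rule below.
    $IPFW add 190 pass tcp from me to any out uid "$SQUID_USER"

    # Every other locally generated TCP connection goes to Squid.
    $IPFW add 200 fwd "$PROXY" tcp from me to any
}

load_rules
```

After loading, `ipfw -a list` shows per-rule packet counters, so traffic from Squid should increment rule 190 and traffic from other local processes rule 200.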


More information about the freebsd-ipfw mailing list