FBSD gateway/firewall with squid <-will it let request in??
Mike Maltese
mike at pcmedx.com
Wed Jul 16 09:15:06 PDT 2003
Crack open the squid Makefile and uncomment
CONFIGURE_ARGS+= --enable-ipf-transparent
I'm currently running this setup, however, it's been a while. IIRC, you need
to manually move the ipf header files from your source tree
(/usr/src/sys/contrib/ipfilter/netinet) to /usr/include/netinet for it to
build successfully.
Also, take a look at the following link. It's almost a year old but you may
find it useful.
http://ezine.daemonnews.org/200209/squid.html
----- Original Message -----
From: <keith at smmc.qld.edu.au>
To: "Free bsd " <freebsd-questions at FreeBSD.org>
Sent: Wednesday, July 16, 2003 5:13 AM
Subject: FBSD gateway/firewall with squid <-will it let request in??
> Hi all,
> shooting blind here cause I trouble shoot this (although I am remote from
> the systems in question)
>
> 203.111.111.216/29 <-NAT-> 10.0.0.1 10.0.0.2
> Internet<------>FBSD (ipfilter/ipnat squid) <------> www/mail server
>
> All "live ips" are alias to external interface of FBSD they NAT to
internals.
> I have never had squid proxy on a gateway like this. Would squid by
> default (I have changed very little in squid.conf) interfere with
> externally incoming traffic being Natted to the inside server? Will it
> block?
> I know this is FBSD not SQUID but maybe it is an ipf hassle otherwise.
> Thanks if you can help
> Keith
>
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list