transparent http proxy rules for localhost

From: Sven (no_at_spam.com)
Date: 09/26/05


Date: Mon, 26 Sep 2005 10:48:06 +0100

Hello newsgroup,

I've got a bit of trouble with my proxy rules:
I'm running pf and squid on a 5.4 box. My plan was to set up rules in pf
to transparently forward any http requests to squid. So far I added the
following lines to my pf.conf:

rdr on $int_if inet proto tcp from any to any port 80 -> 127.0.0.1 port 3128
rdr on $loop_if inet proto tcp from any to any port 80 -> 127.0.0.1 port 3128
pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass in on $loop_if inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass out on $ext_if inet proto tcp from any to any port www keep state

My squid.conf has the following acls (amongst other configuration for
transparent forwarding):
acl our_networks src 192.168.1.0/24 192.168.0.0/24 127.0.0.1/32
http_access allow our_networks

So far the transparent forwarding works ok for hosts on the 192.168.1.
and 192.168.0. net but I just cannot get it to work for localhost. I
guess the difficulty is in separating the port 80 outgoing connections
from the browser that are to be redirected to the proxy from the
requests generated by the proxy, which have to get out directly...

Is there a common solution to this or how can I change things around to
get transparent proxying for localhost?

Sven.

--
s v e n (dot) d (dot) m e i e r (at) g m x (dot) n e t

