> > Some applications in intranet pages use ports like > 19336 or 8081 and they don't support the proxy. > > I need to tell to pf
This is not a pf issue, apart from get rid of set optimization aggressive The defaults are more than adequate. add set block-policy return So applications can tell you if the packet filter is getting in their way. & assuming you're running 6 or later Get rid of pass quick on lo0 And replace it with Set skip on lo0 You need to configure either a local exclusion list through group policy and/or create a proxy.pac file for each client and use it. If the proxy server has a routed connection to the intranet, it shouldn't matter what the destination port for the http server is. Given you run a default policy of block, you do not appear to have a pass out Rule on the inside interface permitting squid to connect to the intranet servers. Greg _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
