-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 9 Jan 2007 15:28:44 +0100 (CET) Oliver Fromme <[EMAIL PROTECTED]> wrote: > Tek Bahadur Limbu wrote: > > I run a transparent squid proxy using IPFW below: > > > > ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via > > bge0 > > That's not the rule for transparent proxying. For that you > need a "forward" (or "fwd") rule, not an "allow" rule. > (Of course, the "allow" rule above might still be needed, > but it's not the one that actually enables the transparent > proxying). > > > Now I want the IP: 192.168.55.22 to bypass Squid when requesting > > www.hotmail.com. > > > > How do I go about doing this using IPFW? Can somebody shed some > > light on this issue? > > Simply add an "allow" rule for that IP, and place it > _before_ the "forward" (or "fwd") rule in your rule set: > > allow tcp from 192.168.55.22 to www.hotmail.com > > Note that the hostname is not resolved dynamically, but > at the time the rule is added to teh rule set. > > Best regards > Oliver > > -- > Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing > Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd > Any opinions expressed in this message may be personal to the author > and may not necessarily reflect the opinions of secnetix in any way. > > "To this day, many C programmers believe that 'strong typing' > just means pounding extra hard on the keyboard." > -- Peter van der Linden > _______________________________________________ > firstname.lastname@example.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > Dear Oliver Fromme, Thanks for your input. I really appreciate it. I have rechecked my firewall and I do have the following rule: $IPFW add fwd 127.0.0.1,3128 tcp from any to any 80 in I have place your rule on top of the above rules like this: ipfw -q allow tcp from 192.168.55.22 to www.hotmail.com ipfw -a add fwd 127.0.0.1,3128 tcp from any to any 80 in ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via bge0 Are the above rules correct ? Once again, thanks alot. -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -----BEGIN PGP SIGNATURE----- Version: GnuPG v184.108.40.206 (FreeBSD) iD8DBQFFpJc4VrOl+eVhOvYRAigpAJ9WDSsy7CsXtCI9qKwXLqsujnmHXQCcDstb wwjEiMWm0P280aBFuhDsq+0= =Vcsn -----END PGP SIGNATURE----- _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"