On Tue, Dec 6, 2011 at 11:19 AM, Daniel J. Luke <[email protected]> wrote: > On Dec 6, 2011, at 10:05 AM, Michael wrote: >> And I've tried the following to configure the firewall via the rule: >> >> sudo ipfw add 1013 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 recv >> en0 >> >> I verified the rule was set via >> >> sudo ipfw list >> >> and it returns: >> >> $ sudo ipfw list >> 01013 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 recv en0 >> 65535 allow ip from any to any > > is your Mac OS X box routing for all of the (virtual) machines?
Yes. >> and I also restarted the firewall just in case w/ each rule change. No dice. >> >> I've also configured the kernel as per Step 2: Configure Mac OS X >> kernel' as described originally at: >> >> http://discussions.apple.com/thread.jspa?threadID=2308812&tstart=0 > > you mean you set > > net.inet.ip.scopedroute = 0 ? Yes. >> Once setup, the firewall never seems to redirect traffic dst-port 80 >> traffic to Squid to handle, but if I directly configure the Squid >> proxy settings (localhost:3128) into say Firefox it performs >> flawlessly... So, the problem seems to be in the ipfw's forwarding of >> any dst-port 80 traffic to squid to handle. > > > What troubleshooting have you done? Have you used tcpdump (or another tool) > to see what packets your machine is seeing? Ah, snap the last line of https://trac.macports.org/wiki/howto/SetupInterceptionSquid "Try to access some Internet web-sites from your client computers and check squid's access.log file for HITS/MISS." should of clued me in on the fact that I should of been running my Mac as a gateway. This might seem obvious now, but the original article doesn't blatantly call this out... My bust. I'll have to keep digging for a way to cache dst port 80 requests... Thanks for your help. -Michael _______________________________________________ macports-dev mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/macports-dev
