I'm stuck getting the Squid3 w/ ipdw_transparent port to work as per https://trac.macports.org/wiki/howto/SetupInterceptionSquid and I have concerns Lion may have broken the current squid3 w/ ipfw_transparent macport.
I need an intercepting proxy on my dev box as have problem especially aggravated by Dev Ops programming, I'm spending a great deal time building out virtualized environments with the Vagrant tool; specifically, in authoring base box definition postinstall shell scripts. These scripts pull down countless yum packages in order to build up the base image that I then later further provision with either Puppet or Chef integration frameworks via scripts written in Ruby. When things are dorked up like an apparent dependency problem in the repo, I'm spending a great deal of time in debugging issues especially when throttled behind a T1 connection resulting mind numbing time spent in mostly twiddling my thumbs as I sit through repeated pulls of dependencies to get to where the problem occurs. The intercept config example for FreeBsdIpfw at wiki.squid-cache.org led me to a few corrections, but largely the macports wiki article appears correct: The article in Step 3: Configure Mac OS X firewall fails to obviously mention you need to Start Lion's Firewall through the System Panel -> Security & Privacy -> Firewall tab. And I've tried the following to configure the firewall via the rule: sudo ipfw add 1013 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 recv en0 I verified the rule was set via sudo ipfw list and it returns: $ sudo ipfw list 01013 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 recv en0 65535 allow ip from any to any and I also restarted the firewall just in case w/ each rule change. No dice. I've also configured the kernel as per Step 2: Configure Mac OS X kernel' as described originally at: http://discussions.apple.com/thread.jspa?threadID=2308812&tstart=0 Maybe this portion changed w/ Lion? Once setup, the firewall never seems to redirect traffic dst-port 80 traffic to Squid to handle, but if I directly configure the Squid proxy settings (localhost:3128) into say Firefox it performs flawlessly... So, the problem seems to be in the ipfw's forwarding of any dst-port 80 traffic to squid to handle. Ideas? Is the problem with Apple's firewall or what? -Michael _______________________________________________ macports-users mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
