On Thu, December 6, 2018 12:04 pm, Leo Unglaub wrote: > Hi, > i am trying to use relayd as an outbound proxy. I am following the > manual page and also the book "Httpd and Relayd Mastery". I did this on > the latest release 6.4 and also on the latest snapshot to make sure this > was not already fixed somewhere. I am on amd64. > > My relayd config looks like this: > >> # cat /etc/relayd.conf >> relay "proxy" { >> listen on 127.0.0.1 port 8080 >> forward to destination >> } >> >> relay "proxy2" { >> listen on 192.168.0.19 port 9090 >> forward to destination >> } > > > I use this command to open up a connection from a different host in the > network: > >> $ curl -i -x 192.168.0.19:9090 openbsd.org > > I used the following command when i am on the same host: > >> $ curl -i -x 127.0.0.1:8080 openbsd.org >
I don't have the time to set this up to test, so just throwing ideas out. Doesn't this set up a transparent relay? Should you be configuring a proxy with curl in this case? Did you try it without? > > I get the same error every time: >> # relayd -dvvvvf /etc/relayd.conf >> startup >> pfe: filter init done >> socket_rlimit: max open files 1024 >> socket_rlimit: max open files 1024 >> socket_rlimit: max open files 1024 >> socket_rlimit: max open files 1024 >> parent_tls_ticket_rekey: rekeying tickets >> relay_privinit: adding relay proxy >> protocol -1: name default >> flags: used, relay flags: divert >> tls session tickets: disabled >> type: tcp >> relay_privinit: adding relay proxy2 >> protocol -1: name default >> flags: used, relay flags: divert >> tls session tickets: disabled >> type: tcp >> init_tables: created 0 tables >> relay_launch: running relay proxy >> relay_launch: running relay proxy >> relay_launch: running relay proxy2 >> relay_launch: running relay proxy >> relay_launch: running relay proxy2 >> relay_launch: running relay proxy2 >> relay_connect: session 1: forward failed: Operation not permitted >> relay_close: sessions inflight decremented, now 0 > > > I used the following addition to the default pf.conf. >> pass in on egress inet proto tcp to port 80 divert-to 127.0.0.1 port >> 8080 > If you're connecting from inside the network, is 'in on egress' the correct interace here? > > > Is this a bug in my setup or a problem with relayd? > > I also tryed the entire config from the book "Httpd and Relayd Mastery" > and even when i type it down 1 by 1 i get the same error. > > Thanks and greetings > Leo >