i seem to remember someone saying that you could NOT redirect out the same interface but not 100% sure.
cs -----Original Message----- From: [EMAIL PROTECTED] on behalf of Dominik Zalewski Sent: Thu 12/21/2006 8:29 AM To: Peter N. M. Hansteen Cc: misc@openbsd.org; pf@benzedrine.cx Subject: Re: Squid 2.6 transparent proxy with pf On Thursday 21 December 2006 15:04, Peter N. M. Hansteen wrote: > Dominik Zalewski <[EMAIL PROTECTED]> writes: > > I have OpenBSD 4.0 firewall and I would like to redirect all outgoing > > http requests to my squid web proxy. > > Daniel Hartmeier wrote about this a while back, his article can be found at > http://www.benzedrine.cx/transquid.html In this article squid is running on the same machine as OpenBSD firewall. In my case I have squid running on different machine connected to LAN interface. My question is can redirect traffic on $int_if to another machine connected to the same interface? Does this rule is corrrect ? rdr pass on $int_if proto tcp from any to any port 80 -> $squid port 8080 pfctl doesnt complain about nothing but its simply doesnt work. here is cut from my squid.conf: ### Main ### http_port 8080 transparent .. acl lan src 10.0.0.0/255.255.255.0 .. http_access allow lan When I setup proxy manually in my browser, its works.
