Wow, just wow.

On Sun, May 23, 2010 at 1:07 PM, Henning Brauer <[email protected]> wrote:

> * Rene Maroufi <[email protected]> [2010-05-23 14:04]:
> > Hi,
> >
> > I updated my firewall to 4.7 and changed my rdr and nat rules. But there
> > is one thing I don't understand: I use a transparent proxy (Squid) on
> > the same machine and in pf.conf this rdr-rule:
> >
> > pass in quick on $ifklan proto tcp from $klan to ! <allintern> port 80
> > rdr-to 127.0.0.1 port 3128
> >
> > This works fine. If I comment this rule out, traffic is blocked. That's
> > OK. If I remove only the "quick" word, traffic is passed through the
> > firewall without being proxied. But there is no other rule after this
> > rule to let traffic through the firewall. If there was another rule,
> > commenting this rule out couldn't stop the traffic. I don't understand
> > this behaviour.
>
> well, there HAS to be another rule that matches later, or this would
> not happen.
>
> --
> Henning Brauer, [email protected], [email protected]
> BS Web Services, http://bsws.de
> Full-Service ISP - Secure Hosting, Mail and DNS Services
> Dedicated Servers, Rootservers, Application Hosting
>
>

--
/"\  ASCII Ribbon Campaign
\ /  Respect for low technology.
 X   Keep e-mail messages readable by any computer system.
/ \  Keep it ASCII.
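
Added example, not part of the thread and not pf's own code: a simplified Python model of pf's last-match evaluation, showing why the quoted rdr-to rule only decides the packet when it is "quick" or when no later rule matches. The addresses standing in for $klan and <allintern>, the default-deny rule and the later pass rule are hypothetical.

```python
# Simplified model of pf rule evaluation: the last matching rule decides,
# unless a matching rule carries "quick", which ends evaluation at once.
# Only the fields needed for the rule quoted in the thread are modelled.
from ipaddress import ip_address, ip_network

KLAN = ip_network("192.168.10.0/24")        # constructed stand-in for $klan
ALLINTERN = [ip_network("192.168.0.0/16")]  # constructed stand-in for <allintern>

def rdr_rule(quick):
    # The rule from the thread: pass in [quick] on $ifklan proto tcp
    # from $klan to ! <allintern> port 80 rdr-to 127.0.0.1 port 3128
    return {"action": "pass", "quick": quick, "rdr_to": ("127.0.0.1", 3128),
            "match": lambda p: p["iface"] == "ifklan" and p["proto"] == "tcp"
                     and ip_address(p["src"]) in KLAN and p["dport"] == 80
                     and not any(ip_address(p["dst"]) in n for n in ALLINTERN)}

# Hypothetical later rule of the kind Henning says must exist.
LATER_PASS = {"action": "pass", "quick": False, "rdr_to": None,
              "match": lambda p: p["iface"] == "ifklan"
                       and ip_address(p["src"]) in KLAN}
BLOCK_ALL = {"action": "block", "quick": False, "rdr_to": None,
             "match": lambda p: True}    # hypothetical default-deny

def evaluate(rules, pkt):
    """Return (action, rdr_to) of the rule that decides the packet."""
    decided = {"action": "pass", "rdr_to": None}    # pf's implicit default
    for rule in rules:
        if rule["match"](pkt):
            decided = rule
            if rule["quick"]:
                break           # quick: stop here, later rules are ignored
    return decided["action"], decided["rdr_to"]

def verdicts():
    pkt = {"iface": "ifklan", "proto": "tcp", "src": "192.168.10.20",
           "dst": "203.0.113.7", "dport": 80}       # constructed web request
    return {
        "quick": evaluate([BLOCK_ALL, rdr_rule(True), LATER_PASS], pkt),
        "no_quick": evaluate([BLOCK_ALL, rdr_rule(False), LATER_PASS], pkt),
        "no_quick_no_later": evaluate([BLOCK_ALL, rdr_rule(False)], pkt),
    }

if __name__ == "__main__":
    for name, result in verdicts().items():
        print(name, result)
```

In the "no_quick" case the later pass rule is the last match, so the packet is passed with no redirection and bypasses the proxy. On a real firewall, `pfctl -sr` lists the loaded ruleset, which is where such a later rule would show up.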

