2013-01-14 10:50, Daniel Hartmeier wrote:
On Sat, Jan 12, 2013 at 08:03:41AM +0100, Leslie Jensen wrote:

New suggested rule that gives syntax error
# rdr in on $int_if inet proto tcp from ! $proxy to any port $proxy_services -> $proxy $proxyport tag rdr_proxy

1) Remove "in" (rdr implies incoming direction)
2) Remove "tag rdr_proxy" (newer OpenBSD syntax, not needed here)
3) Add "port" after the "->" part (not optional)

So it reads:

rdr on $int_if inet proto tcp from ! $proxy to any port $proxy_services -> $proxy port $proxyport

Which loads fine for me on 8.3-RELEASE-p4.

HTH,
Daniel


Yes it loads as it should. Now I do have a problem with squid getting a load of tcp_miss errors.

If I disable the above rule and let the traffic go directly to the Internet there's no problem.

I wonder if it might be any of the rules I have to allow traffic through squid.

Will you take a look and see if there's anything obviously wrong?

# Allow traffic through SQUID
# New rule

> I understand that this needs to be changed now that we have removed
> the tag from the redirecting rule
# pass in quick log on $int_if inet proto tcp flags S/SAFR tagged rdr_proxy

> Changing to this does not help!
pass in quick log on $int_if inet proto tcp flags S/SAFR
#
# old rule
# pass in log on $int_if inet proto tcp from $internal_net to $proxy port 8080 keep state

pass out log on $ext_if inet proto tcp from $proxy to any port $proxy_services keep state


Thanks

/Leslie
