Hello list,

I feel really sad to ask such a question, but after trying hard for ~12 h I should ask for help (now I feel really sleepy, hope the email is understandable).

/I have the feeling that it worked before an update to current; don't get me wrong, I just deleted my previous configs :( /

The layout is:

OpenBSD current + squid (auth, not transparent)
int_if, ext_if, dsl

internal net to web -> squid, route-to $tdsl -> internet web
internal net to all -> default route $ext_if -> internet all

There were 2 variants which came into my head:

1) bind squid listen to internal ip
   bind squid tcp_outgoing_address to $tdsl
   default gateway $gate_ext_if
   pf:
   pass out log quick on $ext_if route-to $tdsl proto tcp from $tdsl to any

2) bind squid listen to internal ip
   bind squid tcp_outgoing_address to $int_ip
   default gateway $gate_ext_if
   pf:
   nat on $tdsl from $int_ip to any port $web_ports -> $tdsl
   nat on $ext_if from any to any -> $ext_ip
   pass out log quick on $ext_if route-to $tdsl proto tcp from $tdsl to any

But somehow both variants don't work :(
It could be a mistake in the order of the rules (I have no ideas anymore).

In any case, the maximum I can get is that some web sites work, but the most important don't (I didn't investigate it, but I guess that the sites with sessions don't work). For example, "www.yahoo.de" doesn't work.

Please give me a direction on how it should be done, or post a sample ruleset which should work.

Thanks

Best Regards,
ivan
