All, I have setup squid transparent proxy on my internal network, I would like to redirect all web traffic to this box without configuring each client. Here are the links I used to get squid setup, and if I point each browser to the proxy it works fine and I can see the request in the squid log file.
http://squid.visolve.com/white_papers/trans_caching.htm#squidintrans http://www.benzedrine.cx/transquid.html When I try to use a rdr on the $int_if nothing works is this possible with squid on the same internal network as the pf internal interface? If so can anyone help me with the proper rdr statement in my pf.conf below. Some might ask why I am doing this only experimenting right now but with permission of my isp http://support.speakeasy.net/cgi-bin/support.cfg/php/enduser/std_adp.php ?&p_refno=030512-000240#admin I have setup 2 other homes via wireless to my local network my link is not being saturated at all yet, because the other homes are older couples that only want to play chess or checkers or cards online and have email with a little browsing. So I figured it would be a good time to play with Squid a bit. I appreciate any of your replies. # macros int_if = "xl0" ext_if = "fxp0" tcp_services = "{ 113 }" icmp_types = "{ 8, 11 }" priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }" # options set block-policy return set loginterface $ext_if # scrub scrub in all #Que altq on $ext_if priq bandwidth 695Kb queue { q_pri, q_def } queue q_pri priority 7 queue q_def priority 1 priq(default) # nat/rdr nat on $ext_if from $int_if:network to any -> $ext_if # filter rules block all pass quick on lo0 all block drop in quick on $ext_if from $priv_nets to any block drop out quick on $ext_if from any to $priv_nets pass in on $ext_if inet proto tcp from any to $ext_if port $tcp_services flags S/SA keep state queue (q_def, q_pri) pass in inet proto icmp all icmp-type $icmp_types keep state pass in on $int_if from $int_if:network to any keep state pass out on $int_if from any to $int_if:network keep state pass out on $ext_if proto { udp, icmp } all keep state pass out on $ext_if proto tcp from $ext_if to any flags S/SA keep state queue (q_def, q_pri)
