On Wed, 2003-11-26 at 11:38, Jean-Francois Dive wrote:
> to redirect traffic, it must see the traffic (read route). You should
> setup the redirection on your default gw.
Thanks for the hint, that is what I thought at first glance, but
since the transparent box is sited in between the LAN and the rest of
the world, shouldn't it see the traffic anyway?!
         ------------       ------       ------------
LAN ----| LAN DEF GW |-----| OBSD |-----| ISP Router |--->
         ------------       ------       ------------
LAN DEF GW is the def gw for the entire LAN (which is an HSRP between one
Cisco 3600 and one Cisco 4000) that has as def gw the ISP router.
Now, as you suggested, I should set a route on "LAN DEF GW" to point
outgoing web access to go through OBSD... but shouldn't the outgoing web
traffic be caught anyway by a rule like this one:
rdr on $int_if inet proto tcp from $internal_net to any port www -> 127.0.0.1 port 3128
Thanks very much for your suggestion.
--
Thelmo