On 28 Nov 2003 02:04:09 -0800, [EMAIL PROTECTED] (Thelmo Loisio) wrote:

>On Thu, 2003-11-27 at 18:19, Greg Hennessy wrote:
>Well my filtering rules are (for test only of course):
>pass in all
>pass out all
>
>So I suppose shouldn't be that the problem, don't you think so ?
>
>In a situation like this one:
>-----      --------     ----------       ------------
> lan |----| switch |---| myBridge |-----| ISP Router |
>-----      --------     ----------       ------------
>
>Could be the switch (a catalyst 3500) the problem !?
>

I wouldn't think so. You're seeing the incoming traffic.

>
>> If you just want to implement a transparent cache, putting a route map on
>> your inside cisco and use policy based routing to hand off to squid would
>> be the way I'd do it.
>
>I know but that lan is complicated there's more than one way to exit to
>the net with more gws... what I cannot really understand is that with
>pfctl -ss I see the redirected connection but in the squid log nothing
>appears

You'll find running tcpdump on all the relevant interfaces is a lot more
useful than just pfctl on its own.

Next question, the address you assigned to an NIC for squid to bind
against, is it a real internet routable address provided by your ISP or
RFC 1918 ?

greg

-- 
$ReplyAddress = Use google to figure it out.

The Following is a true story.....
Only the names have been changed to protect the guilty.
