hi.

rdr on $int_if proto tcp from {$desktop1, $desktop2} to any port 80 -> $squidserver port 3128

should do the trick.


stephen.


On 6/1/05, Henry <[EMAIL PROTECTED]> wrote:
> I have a squid server setup within my internal network and it does
> work since I can manually set the proxy information into my desktops
> and I am good to go. But I want to do transparent proxying.. Anyway
> since this isn't a squid mailing list... I am sure my problem is with
> my routing/firewall rules...
> 
> What I want to do is whenever desktops on the internal network want to
> connect to the web (without setting proxy settings, so users don't
> know there exists a web proxy), they are instead redirected to the
> squidserver.
> 
> My router is running OpenBSD + PF, my squid server is running FreeBSD
> + PF.
> In my router I added a one line rdr rule basically like this
> rdr on $int_if proto tcp from {$desktop1, $desktop2} to any port www -> $squidserver
> Connecting from a browser on one of the 2 desktops times out...
> Of course this won't work according to (http://www.openbsd.org/faq/pf/rdr.html#rdrnat)
> 
> So I try the NAT & inetd+nl methods listed. Now my browser shows a
> squid error response saying it was an invalid request because
> information was missing, which from what I read should be the case
> when using NAT. But I don't understand why the inetd+nl method
> doesn't work.
> 
> Well like I said the squid server works fine when I manually input
> the squid server and port into my desktop browser side tracking the
> redirecting rules... So I am sure this is a firewall issue with my
> router...
> 
> How can I redirect web traffic from my desktops to $squidserver and
> keep the original (web address) destination address intact and all
> other data ?
>
