2013-01-15 11:10, Daniel Hartmeier skrev:
Wait, the squid server is on a separate host, on the $int_if side of the
firewall (the same side the clients are on)?
Then transparent proxying would require "reflection", and doesn't work, see
http://www.openbsd.org/faq/pf/rdr.html#reflect
If squid is seeing TCP_MISS errors, that probably means the clients are
using the proxy explicitely (not transparently), and the rdr is not
being used at all...
This worked for the past years how?
Daniel
Yes! This machine has been in service since Freebsd 7.2.
That's why I'm totally lost and ask for advise.
It's one machine with two nic's functioning as a gateway running pf and
squid as proxy.
The problems showed themselves when squid updated to version 3.2.
Any help to clarify the situation is appreciated.
Thanks
/Leslie