On Oct 4, 2010, at 3:34 PM, Haravikk wrote:

> Been bashing my brains out on this one for ages, but I'm going to have to
> admit defeat, as network stuff really isn't my thing.
>
> Basically, I'm installing Squid on my local machine, and want it to handle
> outgoing requests to a particular port, unfortunately the app in question
> (Second Life) does not support OS defined proxy servers, so I'm forced to try
> and redirect it. The only solution really is ipfw I think, I've already
> corrected for the weird OS X.6 issue with ipfw forwarding which now works as
> it should.
>
> I've compiled Squid3 with the ipfw transparent support that is required to
> use the intercept option.
>
> Configuration sets up Squid3 to listen on port 3128, and also to intercept on
> port 3178. This appears to work correctly.
>
> So now all I need is to set up an IPFW rule to direct traffic to 3178, and
> I've done the following:
>
> 100 fwd 127.0.0.1,3178 from any to any dst-port 12046
>
> However this seems to generate a loop whereby traffic from Second Life is
> routed to localhost:3178, but traffic from squid is also routed to the same
> address (itself!)
>
> I'm completely stumped on how I go about telling ipfw to only redirect
> messages from Second Life to port 12046, and allow requests from squid so
> that it can actually do its thing.
>
> Any help is greatly appreciated! I've bounced around various articles in
> Google to little avail, either I just don't understand what the solutions
> have been, or none of them are working for some reason because I'm missing a
> step somewhere.
>
> Thanks!
> Haravikk

Here is a sample of my ipfw script I run. If you would like to see the full
blown version I can message off list.

#!/bin/sh
# Quietly flush out rules
/sbin/ipfw -q zero
/sbin/ipfw -q -f flush

# Set command prefix (add "-q" option after development to turn on quiet mode)
cmd="/sbin/ipfw -q add"

$cmd 507 fwd 10.0.2.3,3128 tcp from 10.149.0.0/16 to any dst-port 80 in recv en1
$cmd 508 fwd 10.0.2.3,3128 tcp from 10.150.0.0/16 to any dst-port 80 in recv en1
$cmd 509 fwd 10.0.2.3,3128 tcp from 10.151.0.0/16 to any dst-port 80 in recv en1
$cmd 510 fwd 10.0.2.3,3128 tcp from 10.152.0.0/16 to any dst-port 80 in recv en1
$cmd 511 fwd 10.0.2.3,3128 tcp from 10.153.0.0/16 to any dst-port 80 in recv en1
$cmd 512 fwd 10.0.2.3,3128 tcp from 10.142.0.0/16 to any dst-port 80 in recv en1
$cmd 513 fwd 10.0.2.3,3128 tcp from 10.140.0.0/16 to any dst-port 80 in recv en1
$cmd 514 fwd 10.0.2.3,3128 tcp from 10.104.0.0/16 to any dst-port 80 in recv en1

These are just network redirects to squid.

-j osx H00t
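
The forwarding loop described in the quoted message, and two ways a ruleset avoids it, shown as an added example that is not part of either original message: a small first-match model of ipfw rule evaluation. The `squid` and `haravikk` user names, rule number 90 and the `uid` exemption are assumptions; the model ignores protocols and source addresses.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    dst_port: int
    uid: Optional[str] = None   # owning local user; None if not locally generated
    direction: str = "out"      # "in" or "out"
    iface: str = "lo0"          # interface the packet is seen on

@dataclass(frozen=True)
class Rule:
    number: int
    action: str                 # "allow" or "fwd"
    dst_port: Optional[int] = None
    uid: Optional[str] = None
    direction: Optional[str] = None
    recv: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        return ((self.dst_port is None or self.dst_port == p.dst_port)
                and (self.uid is None or self.uid == p.uid)
                and (self.direction is None or self.direction == p.direction)
                and (self.recv is None or self.recv == p.iface))

def verdict(rules, p: Packet) -> str:
    """First matching rule in rule-number order decides; default here is allow."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.matches(p):
            return r.action
    return "allow"

def loops(rules, proxy_uid: str = "squid", port: int = 12046) -> bool:
    """True if the proxy's own upstream connection is forwarded back to the proxy."""
    return verdict(rules, Packet(port, uid=proxy_uid)) == "fwd"

# Rule 100 from the quoted message: matches every packet to port 12046.
ORIGINAL = [Rule(100, "fwd", dst_port=12046)]
# Assumed fix: a lower-numbered allow rule for the proxy's user, roughly
# "ipfw add 90 allow tcp from any to any dst-port 12046 uid squid".
UID_EXEMPT = [Rule(90, "allow", dst_port=12046, uid="squid")] + ORIGINAL
# Shape of the reply's rules: only packets arriving inbound on en1 are forwarded.
GATEWAY = [Rule(507, "fwd", dst_port=80, direction="in", recv="en1")]
CLIENT = Packet(12046, uid="haravikk")  # constructed client packet

if __name__ == "__main__":
    for name, rs in [("original", ORIGINAL), ("uid exempt", UID_EXEMPT)]:
        print(name, "client:", verdict(rs, CLIENT), "proxy loops:", loops(rs))
```
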
