hi, i know it seem out of topic, i recently build a proxy server to serve our small ISP, but i'm facing a big problem. as far as i know FreeBSD didn't support TPROXY like linux had. but i need to build this proxy transparently so only my client ips that visible when browsing. i use ipnat and ipf with Squid latest stable release. does anyone has experience building a true transparent proxy with FreeBSD? please share the knowledge and the regarding this problems. TIA Zen
On Tuesday 17 April 2007 09:17, zen wrote:> i know it seem out of topic, > i recently build a proxy server to serve our small ISP, > but i'm facing a big problem. as far as i know FreeBSD didn't support > TPROXY like linux had. > but i need to build this proxy transparently so only my client ips that > visible when browsing. > i use ipnat and ipf with Squid latest stable release. > does anyone has experience building a true transparent proxy with > FreeBSD? please share the knowledge and the regarding this problems.http://www.benzedrine.cx/transquid.html is a tutorial for OpenBSD + pf + squid, but almost the same steps are required for FreeBSD. If you build squid from the portstree you should enable: [X] SQUID_PF Enable transparent proxying with PF or [ ] SQUID_IPFILTER Enable transp. proxying with IPFilter if you want to stay with ipf + ipnat. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20070417/02817a44/attachment.pgp
On 2007-Apr-17 14:17:05 +0700, zen <zen@tk-pttuntex.com> wrote:>does anyone has experience building a true transparent proxy with FreeBSD? >please share the knowledge and the regarding this problems.Max beat me to answering but I use squid+IPfilter as a transparent proxy on my home firewall. The only problems I've run into are bugs in the IPfilter window handling code. -- Peter Jeremy -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20070417/55fb3a88/attachment.pgp
? ????????? ?? Tuesday 17 April 2007 11:17:05 zen ???????(?):> hi, > i know it seem out of topic, > i recently build a proxy server to serve our small ISP, > but i'm facing a big problem. as far as i know FreeBSD didn't support > TPROXY like linux had. > but i need to build this proxy transparently so only my client ips that > visible when browsing. > i use ipnat and ipf with Squid latest stable release. > does anyone has experience building a true transparent proxy with FreeBSD? > please share the knowledge and the regarding this problems. > > TIA > > Zen > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"Dear Zen I use transparent proxy on my home wi-fi network, and on work (ethernet lan) with pf+proxy on FreeBSD gateways without any problems... earlier I used ipfilter+proxy (for transparent proxing) also without problems. I can share my config (pf+proxy) if you need