I was trying to set up a squid proxy server as a transparent proxy on
a FreeBSD 4.4 box with one 3Com NIC configured with IP: 200.144.83.40
and Netmask: 255.255.255.0.
I've compiled squid with --enable-ipf-transparent and I've set up
in my Cisco 4000 router:
access-list 110 deny tcp host 200.144.83.40 any eq www
access-list 110 permit tcp any any eq www
route-map proxy-redirect permit 10
match ip address 110
set ip next-hop 200.144.83.40
int eth2/0
ip policy route-map proxy-redirect
and compiled the kernel with:
options IPFIREWALL
options IPFIREWALL_FORWARD
I've set up the squid.conf file with:
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
And in rc.local:
ipfw add 49 allow tcp from 200.144.83.40 to any
ipfw add 50 fwd 200.144.83.40,3128 tcp from any to any 80
ipfw add 60000 allow all from any to any
With this configuration no computer in the network is able to access
the Web.
When I run:
ipfw show
it shows that rule 50 is being hit, and the number of times it is
hit grows when I try to access the Web from a client computer in my network.
Does anybody see anything I missed?
Thanks in advance,
Pedro Paulo