pf/net-stack bug ? - anyone using pf nat+rdr and squid ?

Simon 'corecode' Schubert corecode at fs.ei.tum.de
Fri Apr 29 04:16:05 PDT 2005


On 29.04.2005, at 07:06, Andrew Atrens wrote:
rdr on $int_if inet proto tcp from $int_if:network to any port www -> 
127.0.0.1 port 3128
rdr on $lan_if inet proto tcp from $lan_if:network to any port www -> 
127.0.0.1 port 3128

pass in log on $int_if inet proto tcp from any to 127.0.0.1 port 3128 
keep state
pass in log on $lan_if inet proto tcp from any to 127.0.0.1 port 3128 
keep state
i get the feeling that this has to do something with 127.0.0.1, but i'm 
not sure. could you add an alias (192.168.1.1 for example) and try with 
that ip instead? also, could you look into squid listening on 127.0.0.1 
only (and not on *)?

thanks
  simon
--
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low $$$ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \
Attachment:
PGP.sig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00014.pgp
Type: application/octet-stream
Size: 186 bytes
Desc: "Description: This is a digitally signed message part"
URL: <http://lists.dragonflybsd.org/pipermail/kernel/attachments/20050429/1759a593/attachment-0018.obj>


More information about the Kernel mailing list