Re: Redirecting from Cisco

From: Henrik Nordstrom <>
Date: Sun, 08 Feb 1998 19:45:34 +0100

Brian wrote:

> ipfwadm -I -a accept -P tcp -D thishost 80

Correct. It was a error in my previous post ;-)

> So now, i have squid answering on 3128, and my rules look like:
> IP firewall input rules, default policy: accept
> type prot source destination ports
> acc all anywhere anywhere n/a
> acc tcp anywhere any -> www
> acc/r tcp anywhere anywhere any -> www => 3128
> ( is my squid machine)
> Should this avoid those infinite loops?

Yes. Now you have a rule that allows traffic throught to the local port
80 when requested. Always use -e option when printing firewall rules, as
the default format omits the interface names and other important
information (the first rule only matches packets on the loop-back

Henrik Nordström
Sparetime Squid Hacker
Received on Sun Feb 08 1998 - 10:55:42 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:49 MST