Re: Redirecting from Cisco

From: A.Saeed <arsh@dont-contact.us>
Date: Wed, 11 Feb 1998 20:45:31 +0500 (PKT)

Thanx Brian.

On Wed, 11 Feb 1998, Brian wrote:

> On Wed, 11 Feb 1998, A.Saeed wrote:
>
> > dear fellows :
> >
> > I have been following your steps.
> > Icouldn't be able to run ipfw with -r option it always says -r illegal and
> > -S needed etc. .
> > Please help me in this .
> > regards
> >
>
> 1. This will not work in older versions of ipfwadm, make sure you follow
> the link at the Squid FAQ and get the latest distribution, I use 2.3.0
>
> constellation:~# ipfwadm -h
> ipfwadm 2.3.0, 1996/07/30
>
>
> 2. Make sure you compile your Linux kernel with Transparent Proxying,
> which is an experimental option, so make sure you enable "experimental
> drivers" in the kernel config:
>
> constellation:~# man ipfwadm
> -r [port]
> Redirect packets to a local socket. When this
> option is set, packets accepted by this rule will
> be redirected to a local socket, even if they were
> sent to a remote host. If the specified redirec-
> tion port is 0, which is the default value, the
> destination port of a packet will be used as the
> redirection port. This option is only valid in
> input firewall rules with policy accept and can
> only be used when the Linux kernel is compiled with
> CONFIG_IP_TRANSPARENT_PROXY defined.
>
>
>
> Brian
>
>
>
>
>
>
>
>
>
> >
> > On Fri, 6 Feb 1998, Brian wrote:
> >
> > > On Sat, 7 Feb 1998, Lincoln Dale wrote:
> > >
> > > > >int e0
> > > > >ip policy route-map proxy-redirect
> > > > >
> > > > >IOS 11.1(6)
> > > > >
> > > > >I configured my netscape to use no proxies, and when I request a web page,
> > > > >i get nothing. does anyone know what could commonly be the matter?
> > > >
> > > > i assume ethernet0 isn't the interface to your uplink ISP? you need
> > > > to put the policy-route statement on the *outgoing* interface, where
> > > > packets are destined, prior to being policy-routed to their correct
> > > > destination.
> > > >
> > > > cheers,
> > > >
> > > > lincoln.
> > > >
> > >
> > > Thanks! int s0 is outgoing, thanks, thats what i needed.
> > >
> > > Brian
> > >
> > > /-------------------------- signal@shreve.net -----------------------------\
> > > | Brian Feeny | USR TC Hubs | ShreveNet Inc. (318)222-2638 |
> > > | Network Administrator | Perl, Linux | Web hosting, online stores, |
> > > | ShreveNet Inc. | USR Pilot | Dial-Up 14.4-56k, ISDN & LANs |
> > > | 89 CRX DX w/MPFI, lots of |-=*:Quake:*=-| http://www.shreve.net/ |
> > > | mods/Homepage coming soon |LordSignal/SN| Quake server: 208.206.76.47 |
> > > \-------------------------- 318-222-2638 x109 -----------------------------/
> > >
> > >
> >
>
> /-------------------------- signal@shreve.net -----------------------------\
> | Brian Feeny | USR TC Hubs | ShreveNet Inc. (318)222-2638 |
> | Network Administrator | Perl, Linux | Web hosting, online stores, |
> | ShreveNet Inc. | USR Pilot | Dial-Up 14.4-56k, ISDN & LANs |
> | 89 CRX DX w/MPFI, lots of |-=*:Quake:*=-| http://www.shreve.net/ |
> | mods/Homepage coming soon |LordSignal/SN| Quake server: 208.206.76.47 |
> \-------------------------- 318-222-2638 x109 -----------------------------/
>
>
Received on Wed Feb 11 1998 - 07:55:34 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:51 MST