ipfiltering: rdr -> nop

From: Federico Giannici <giannici@dont-contact.us>
Date: Tue, 28 Apr 1998 12:42:18 +0000

I have set up a cache with transparent proxy on port 80 with
ipfilter (OpenBSD 2.2/i386).

On the same machine there is also a web server for about 20
virtual hosts. I cannot access my web servers trought proxy:
proxy access is allowed only by local IPs and web servers by
every IP.

So I have to precede the standard ipnat line...

rdr de0 0.0.0.0/0 port 80 -> a.b.c.d port 8080

...with lines like these:

rdr de0 a.b.c.1/255.255.255.255 port 80 -> a.b.c.1 port 80
rdr de0 a.b.c.2/255.255.255.255 port 80 -> a.b.c.2 port 80
rdr de0 a.b.c.3/255.255.255.255 port 80 -> a.b.c.3 port 80
[...]

Is there a better way to tell ipnat to don't redir a class of
IP addresses? Something like this:

rdr de0 a.b.c.0/255.255.255.0 port 80 -> nop

Thanks,
___________________________________________________
    __
   |- giannici@neomedia.it
   |ederico Giannici http://www.neomedia.it

        Amministratore unico - NEOMEDIA sas
___________________________________________________
Received on Tue Apr 28 1998 - 05:48:37 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:39:58 MST