[squid-users] RE: EXTERNAL: [squid-users] client+Dansguardian+Squid+IPFW - all on same pc

(Is 8883 a typo? Should be 8888, per your DansGuardian config, right? I'll assume it's a typo ...)

I run DG + Squid. I don't use IPFW, but I've heard of people using it for local-to-local port fwding ... and a quick google shows people claiming success doing it. And your rules look correct, comparing them to my iptables ruleset for my own DG -> Squid setup.

The only thing that looks odd to me is that port 3333 is only accessible to uid squid -- are you really running DG under that uid?

And are you sure you have DansGuardian's proxyip/proxyport set correctly (127.0.0.1/3333)?

Oh -- are you on a Mac? Is there any chance they "dumbed down" IPFW to not allow localhost port fwding? (sound's like an Apple kind of thing to do ...)
 
-----Original Message-----
From: Tony [mailto:rigstars_at_gmail.com]
Sent: Friday, September 10, 2010 5:31 PM
To: squid-users_at_squid-cache.org
Subject: EXTERNAL: [squid-users] client+Dansguardian+Squid+IPFW - all on same pc

client+Dansguardian+Squid+IPFW - all on same pc

I have one computer that has Dansguardian (127.0.0.1:8888)
and Squid (127.0.0.1:3333) and IPFW installed. From the same computer,
I'm trying to redirect port 80 to Dansguardian's port 8888 using the
rulesets below.
Is this possible? I read that ipfw does not allow forwarding from the
same machine. Is this true? Something wrong with my rules?

allow tcp from any to any dst-port 80 out uid squid
allow tcp from any to any dst-port 3333 out uid squid
fwd 127.0.0.1,8883 tcp from any to any 80
Received on Sat Sep 11 2010 - 05:21:45 MDT