--- Ghislain Garçon <gigi_8439@xxxxxxxx> wrote: > Thanks, > i've already read this article but as you said, > port tree install > squid-2.5. I'd like to test 2.6 and 3.0 and it's > look like with 2.6 > and 3.0 there is a problem... or FreeBSD needs non > documented tips, I > don't known. > Furthermore the proxy work fine if it is not in > interception. > > Regards, > > Ghislain looking back to your problem with clientNatLookup: NAT open failed, seems that the problem was not squid itself, more like something wrong with your pf, are you sure that you've build pf integration with your freebsd kernel ? some note from benzedrine.cx : Note that squid needs to open /dev/pf in order to query the packet filter. The default permissions for this file allow access only to root. squid is running as user _squid, group _squid, so one way to allow access to squid is by changing the group ID of the file to _squid and make it group-accessable: # chgrp _squid /dev/pf # chmod g+rw /dev/pf it's possible that /dev/pf don't exist _or_ squid was unable to access /dev/pf regards, Agung ____________________________________________________________________________________ Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com
