On Mon, 4 Oct 2010 20:34:52 +0100, Haravikk <me@xxxxxxxxxxxx> wrote: > Been bashing my brains out on this one for ages, but I'm going to have to > admit defeat, as network stuff really isn't my thing. > > Basically, I'm installing Squid on my local machine, and want it to handle > outgoing requests to a particular port, unfortunately the app in question > (Second Life) does not support OS defined proxy servers, so I'm forced to > try and redirect it. The only solution really is ipfw I think, I've already > corrected for the weird OS X.6 issue with ipfw forwarding which now works > as it should. > > I've compiled Squid3 with the ipfw transparent support that is required to > use the intercept option. > > Configuration sets up Squid3 to listen on port 3128, and also to intercept > on port 3178. This appears to work correctly. > > So now all I need is to set up an IPFW rule to direct traffic to 3178, and > I've done the following: > > 100 fwd 127.0.0.1,3178 from any to any dst-port 12046 > > However this seems to generate a loop whereby traffic from Second Life is > routed to localhost:3178, but traffic from squid is also routed to the same > address (itself!) > > I'm completely stumped on how I go about telling ipfw to only redirect > messages from Second Life to port 12046, and allow requests from squid so > that it can actually do its thing. The "from any" is your problem. You need a rule that matches Squid by IP first and bypasses the fwd only for it. Amos
