On Oct 4, 2010, at 3:34 PM, Haravikk wrote: > Been bashing my brains out on this one for ages, but I'm going to have to admit defeat, as network stuff really isn't my thing. > > Basically, I'm installing Squid on my local machine, and want it to handle outgoing requests to a particular port, unfortunately the app in question (Second Life) does not support OS defined proxy servers, so I'm forced to try and redirect it. The only solution really is ipfw I think, I've already corrected for the weird OS X.6 issue with ipfw forwarding which now works as it should. > > I've compiled Squid3 with the ipfw transparent support that is required to use the intercept option. > > Configuration sets up Squid3 to listen on port 3128, and also to intercept on port 3178. This appears to work correctly. > > So now all I need is to set up an IPFW rule to direct traffic to 3178, and I've done the following: > > 100 fwd 127.0.0.1,3178 from any to any dst-port 12046 > > However this seems to generate a loop whereby traffic from Second Life is routed to localhost:3178, but traffic from squid is also routed to the same address (itself!) > > I'm completely stumped on how I go about telling ipfw to only redirect messages from Second Life to port 12046, and allow requests from squid so that it can actually do its thing. > > Any help is greatly appreciated! I've bounced around various articles in Google to little avail, either I just don't understand what the solutions have been, or none of them are working for some reason because I'm missing a step somewhere. > > Thanks! > Haravikk here is a sample of my ipfw script i run. if you would like to see the full blown version i can message off list. #!/bin/sh #Quietly flush out rules /sbin/ipfw -q zero /sbin/ipfw -q -f flush #Set command prefix (add "-q" option after development to turn on quiet mode) cmd="/sbin/ipfw -q add" $cmd 507 fwd 10.0.2.3,3128 tcp from 10.149.0.0/16 to any dst-port 80 in recv en1 $cmd 508 fwd 10.0.2.3,3128 tcp from 10.150.0.0/16 to any dst-port 80 in recv en1 $cmd 509 fwd 10.0.2.3,3128 tcp from 10.151.0.0/16 to any dst-port 80 in recv en1 $cmd 510 fwd 10.0.2.3,3128 tcp from 10.152.0.0/16 to any dst-port 80 in recv en1 $cmd 511 fwd 10.0.2.3,3128 tcp from 10.153.0.0/16 to any dst-port 80 in recv en1 $cmd 512 fwd 10.0.2.3,3128 tcp from 10.142.0.0/16 to any dst-port 80 in recv en1 $cmd 513 fwd 10.0.2.3,3128 tcp from 10.140.0.0/16 to any dst-port 80 in recv en1 $cmd 514 fwd 10.0.2.3,3128 tcp from 10.104.0.0/16 to any dst-port 80 in recv en1 these are just network redirects to squid. -j osx H00t
