On Feb 17, 2011, at 2:46 AM, Harald Dunkel wrote: > Hi Jeff, > > On 02/16/11 16:40, jeffrey j donovan wrote: >> >> is squid configured as intercept ( aka transparent ) or as proxy? >> >> post squid.conf and we can see whats up. > > Sorry, I knew I had forgotten something. Here it is: > > # cat /etc/squid3/squid.conf | egrep -v ^\#\|^\$ > http_access allow all > http_port 3128 > http_port 3129 intercept disable-pmtu-discovery=transparent > hierarchy_stoplist cgi-bin ? > cache_dir aufs /var/spool/squid3 4096 16 256 > coredump_dir /var/spool/squid3 > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 > refresh_pattern . 0 20% 4320 > icap_enable on > icap_preview_enable on > icap_preview_size 128 > icap_send_client_ip on > icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/squidclamav > icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav > adaptation_access service_req allow all > adaptation_access service_resp allow all > dns_defnames on > > > Squid is version 3.1.9. > > (I will fix the acl today, big promise.) > > > Regards > > Harri greetings im assuming your using ipfw on BSD, what does your redirect statement look like ? it should look something like ; fwd 10.0.2.3,3128 tcp from 10.104.0.0/16 to any dst-port 80 in recv en1 -j
