Hello Rob, no this is the same machine :) -- Cordialement, Loïc BLOT, Expertise en Systèmes UNIX, Sécurité et Réseaux http://www.unix-experience.fr Le vendredi 31 mai 2013 à 04:58 -0700, Rob Sheldon a écrit : > On 2013-05-30 21:34, Loïc BLOT wrote: > > > Hello Rob, > > I use OpenBSD and squid 3.3.4 in production environment, you'll > > exactly > > what you need here: > > http://www.unix-experience.fr/2013/create-a-powerfull-proxy-cache-with-squid-and-openbsd-2/#sthash.9SpWE1kn.dpbs > > [2] > > Have a nice day > > Thanks -- that looks like a good guide, and I wish I'd found it before > the other one. > > However: it looks like your guide was written for a physical squid > server separate from a physical firewall, and other than that, I can't > find a significant difference between the configuration in your guide > and my problematic configuration. > > Maybe there's some kind of routing issue with doing an rdr on a machine > running both the firewall and the proxy functions? > > ...hmm. That might be it, actually. Since Squid is binding to the LAN > interface, trying to rdr packets coming in on the LAN interface back to > a service on the LAN interface won't work. I'll try setting http_port to > one of the other interfaces and see if that changes anything. > > Thanks, > > - R.