On Mon, 4 Oct 2010 20:34:52 +0100, Haravikk <me_at_haravikk.com> wrote:
> Been bashing my brains out on this one for ages, but I'm going to have
to
> admit defeat, as network stuff really isn't my thing.
>
> Basically, I'm installing Squid on my local machine, and want it to
handle
> outgoing requests to a particular port, unfortunately the app in
question
> (Second Life) does not support OS defined proxy servers, so I'm forced
to
> try and redirect it. The only solution really is ipfw I think, I've
already
> corrected for the weird OS X.6 issue with ipfw forwarding which now
works
> as it should.
>
> I've compiled Squid3 with the ipfw transparent support that is required
to
> use the intercept option.
>
> Configuration sets up Squid3 to listen on port 3128, and also to
intercept
> on port 3178. This appears to work correctly.
>
> So now all I need is to set up an IPFW rule to direct traffic to 3178,
and
> I've done the following:
>
> 100 fwd 127.0.0.1,3178 from any to any dst-port 12046
>
> However this seems to generate a loop whereby traffic from Second Life
is
> routed to localhost:3178, but traffic from squid is also routed to the
same
> address (itself!)
>
> I'm completely stumped on how I go about telling ipfw to only redirect
> messages from Second Life to port 12046, and allow requests from squid
so
> that it can actually do its thing.
The "from any" is your problem. You need a rule that matches Squid by IP
first and bypasses the fwd only for it.
Amos
Received on Mon Oct 04 2010 - 22:23:50 MDT
This archive was generated by hypermail 2.2.0 : Tue Oct 05 2010 - 12:00:02 MDT