Hi guys,
I am a newbie to FreeBSD but have some Linux experience, so please forgive me if I say something stupid. Firstly, here's what I want to achieve - I would like to port forward pass all traffic from my Sky hub router to and from the FreeBSD proxy (192.168.0.3 hostname tinman) to my Linux clients as below:
Code:
# Enable Service Name Action LAN Users WAN Servers Log
1 HTTP ALLOW always 192.168.0.3 (1:65535) 0.0.0.0 (80) Always
# Enable Service Name Action LAN Users WAN Servers Log
1 HTTP ALLOW always 192.168.0.3 (80) 0.0.0.0 (1:65535) Always
The FreeBSD Squid application is set to port 3128 and I have also set up IPFW on the same box. Setting the clients' browsers to the proxy name and port 3128 works fine. I am puzzled, though, by the fact that I can't ping out from the proxy box or any of my Linux clients. Trying to ping a WAN address just hangs with no errors. Something must be wrong but I'm not sure where I should be looking. Here's my rc.conf file configuration:
Code:
hostname="tinman"
wlans_wpi0="wlan0"
#ifconfig_wlan0="inet 192.168.0.3 netmask 255.255.255.0"
defaultrouter="127.0.0.1"
ifconfig_wlan0="WPA DHCP"
ifconfig_wlan0_ipv6="inet6 accept_rtadv"
ipfilter_enable="YES"
sshd_enable="YES"
squid_enable="YES"
moused_enable="NO"
apache24_enable="YES"
firewall_enable="YES"
firewall_script="YES"
firewall_script="/usr/local/etc/ipfw.rules"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="NO"
Here's the IPFW rules configuration:
Code:
IPF="ipfw -q add"
ipfw -q -f flush
#loopback
$IPF 10 allow all from any to any via lo0
$IPF 20 deny all from any to 127.0.0.0/8
$IPF 30 deny all from 127.0.0.0/8 to any
$IPF 40 deny tcp from any to any frag
# stateful
$IPF 50 check-state
$IPF 60 allow tcp from any to any established
$IPF 70 allow all from any to any out keep-state
$IPF 80 allow icmp from any to any
# open port ftp (20,21), ssh (22), mail (25)
# http (80), dns (53) etc
$IPF 110 allow tcp from any to any 21 in
$IPF 120 allow tcp from any to any 21 out
$IPF 130 allow tcp from any to any 22 in
$IPF 140 allow tcp from any to any 22 out
$IPF 150 allow tcp from any to any 25 in
Any help would be gratefully received.
Please let me know if any more information is needed.