pf routing to proxy
I've run into an odd problem trying to get pf to route properly to a proxy box. The setup we have is: individual testing PC, pf (OpenBSD 4.7), proxy (CentOS 5.2, Apache 2.2).
          Internet
           /    \
          /      \
         /        \
    proxy -------- firewall
                      |
                      |
                   test box
The rules for this are:
pass out quick on $ext_if proto tcp from $test_box to any port 80 rdr-to $proxy port 8080
(Test box and proxy IPs are obscured here, but they're spelled out in the actual rule.)
On the test box, the proxy works fine if it's set directly in Firefox. Otherwise, connections hang and no data is returned. Running tcpdump on the proxy, I can see the traffic coming in from the test box at first, but it never responds to any ack packets going back out from the proxy. On the firewall, tcpdump and pf -ss show the packets going from the test box to the proxy, but they're getting lost.
The proxy and test box are on two different private networks, but the proxy has a static route to use the firewall as its router when trying to reach the test box network.
Can anyone think of what the problem could be?
Last edited by phoenix; 25th August 2011 at 07:43 PM.