OSEC

From: Cy Schubert - ITSD Open Systems Group (Cy.Schubertuumail.gov.bc.ca)
Date: Sun Jul 22 2001 - 22:36:07 CDT

    In message <3B5B95C6.4AD5F74Amiltonstreet.com>, Sam Carleton writes:
    > Folks,
    >
    > I would like to set up a proxy server for FTP and HTTP, what do folks
    > recommend?

    Squid has a transparent HTTP and FTP proxy mode which is specified at
    configuration time, prior to build. On my firewall here at home, I
    have the following ipnat.conf statements:

    rdr ed0 !from X.X.X.X to any port = 80 -> 127.0.0.1 port 3128 tcp
    rdr ed1 !from X.X.X.X to any port = 80 -> 127.0.0.1 port 3128 tcp

    Where,

    ed0 and ed1 are internal interfaces on my two internal networks. dc0
    is my external interface. tun3 is an IPSec VPN to the office using
    pipsecd, which is virtually an external interface when viewed in
    perspective from my network at home.

    From a previous note today, IIRC your external interface is iy0 and
    your internal interface is ex0. As you probably don't have the issues
    that I'm circumventing, your rdr statement would be simpler than mine
    and look like,

    rdr ex0 0/0 port 80 -> 127.0.0.1 port 3128 tcp

    ... that's right, the rdr must be specified on your internal interface
    because that is where you need to intercept your web traffic to redirect
    to Squid.

    Regards,

    Cy Schubert
    Team Leader, Sun/Alpha Team
    Open Systems Group, ITSD, ISTA
    Province of BC
    Phone: (250)387-8437
    Fax: (250)387-5766
    Internet: Cy.Schubertosg.gov.bc.ca
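
The interface placement rule described in the message, as an added example that is not part of the original post: a small Python check over ipnat.conf text that flags rdr rules not bound to an internal interface or not pointing at the local Squid port. The function names, the regular expression (which covers only the two rdr forms shown above, not the full ipnat grammar) and the sample file are assumptions constructed for illustration.

```python
import re

# Covers only the two rdr forms shown in the message, not the full ipnat.conf grammar.
RDR = re.compile(
    r"^rdr\s+(?P<ifname>\S+)\s+"
    r"(?:(?:!\s*)?from\s+\S+\s+to\s+\S+|\S+)\s+"
    r"port\s+(?:=\s*)?(?P<dport>\d+)\s*->\s*"
    r"(?P<to_ip>\S+)\s+port\s+(?P<to_port>\d+)\s+(?P<proto>\S+)$"
)

def check_rdr(line, internal_ifs, squid_addr=("127.0.0.1", 3128)):
    """Return findings for one rdr line; an empty list means nothing was flagged."""
    m = RDR.match(line.strip())
    if m is None:
        return ["rdr rule is not in one of the two forms handled here"]
    findings = []
    if m["ifname"] not in internal_ifs:
        findings.append(f"{m['ifname']} is not an internal interface")
    if m["dport"] != "80" or m["proto"] != "tcp":
        findings.append("rule does not match tcp port 80")
    if (m["to_ip"], int(m["to_port"])) != squid_addr:
        findings.append("target is not the local Squid listener")
    return findings

def lint_conf(text, internal_ifs):
    """Map line number -> findings for every flagged rdr line in an ipnat.conf text."""
    report = {}
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line.startswith("rdr"):
            continue  # map rules, comments and blank lines are out of scope
        findings = check_rdr(line, internal_ifs)
        if findings:
            report[n] = findings
    return report

# Constructed sample: ed0/ed1 internal and dc0 external, as in the message.
SAMPLE = """\
# constructed ipnat.conf for the example
map dc0 192.168.0.0/16 -> 0/32
rdr ed0 !from X.X.X.X to any port = 80 -> 127.0.0.1 port 3128 tcp
rdr ed1 !from X.X.X.X to any port = 80 -> 127.0.0.1 port 3128 tcp
rdr dc0 0/0 port 80 -> 127.0.0.1 port 3128 tcp
"""

if __name__ == "__main__":
    for n, findings in lint_conf(SAMPLE, {"ed0", "ed1"}).items():
        print(f"line {n}: {'; '.join(findings)}")
```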