[FUGSPBR] [OFFTOPIC] PF

William David Armstrong bio em bsd-unix.com.br
Qui Jul 17 18:19:37 BRT 2003 

rdr on $int_if proto tcp from any to any port 80 -> 127.0.0.1 port 3128 


tenta  trocar o  ip  do  127.0.0.1  para o  ip  da  placa de rede 
interna ( 10.0.0.1 )

Emanoel wrote:

>Galera,
>
>estou com um problema com o pf no openbsd. Não consigo utilizar o route-to junto com o rdr (para o squid).
>
>Se utilizo o rdr para o squid não funciona o acesso a web, os demais serviços funcionam com balanceamento corretamente.
>
>É possível fazer balanceamento do carga utilizando o route-to e rdr? Ou existe alguma outra froma de fazer isso?
>
>Alguém pode me ajudar?
>
>Meu pf.conf:
>
>
>##############
>internal_net = "192.168.2.0/24"
>int_if = "rl2"
>ext_if1 = "rl0"
>ext_if2 = "rl1"
>ext_gw1 = "200.247.xxx.29"
>ext_gw2 = "192.168.1.254"
>
>scrub in all
>
>nat on $ext_if1 from $internal_net to any -> ($ext_if1)
>nat on $ext_if2 from $internal_net to any -> ($ext_if2)
>
>rdr on $int_if proto tcp from any to any port 80 -> 127.0.0.1 port 3128 
>
>pass in all
>pass out all
>
>pass quick on lo0 all
>pass out on $int_if from any to $internal_net
>pass in quick on $int_if from $internal_net to $int_if
>
>pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin proto tcp from $internal_net to any flags S/SA modulate state
>
>pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin proto { udp, icmp } from $internal_net to any keep state
>
>pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
>pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
>
>pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
>pass out on $ext_if1 proto { udp, icmp } from any to any keep state
>pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
>pass out on $ext_if2 proto { udp, icmp } from any to any keep state
>
>#################
>
>Já procurei no google e até agora nada :-(
>
>
>[]'s
>
>Emanoel
>_______________________________________________________________
>Sair da Lista: http://www2.fugspbr.org/mailman/listinfo/fugspbr
>Historico: http://www4.fugspbr.org/lista/html/FUG-BR/
>
>
>
>  
>

-- 
-=-=-=-=-=-=-=-=-=-

     William David Armstrong
 System Administrator Bio Systems.

http://biohazard.kick-ass.org:8080/
bio em bsd-unix.com.br   bio_wolf em yahoo.com
ICQ 102537476     ICQ 27550645



_______________________________________________________________
Sair da Lista: http://www2.fugspbr.org/mailman/listinfo/fugspbr
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/

Mais detalhes sobre a lista de discussão freebsd