[FUGSPBR] [OFFTOPIC] PF

Emanoel emanoel em wildcom.com.br
Qui Jul 17 18:29:58 BRT 2003 

Giovanni,

Fiz um teste com as configurações que você me passou e infelizmente continua
não funcionando.... :-(

Já estou quase desistindo de implementar tudo em uma máquina, e por o squid
em uma máquina e o balanceamento em outra.

Mas se alguém ainda estiver alguma dica para me dar..... (estou enviando o
pf.conf atual)

Agradeço a ajuda de todos....


[]'s

Emanoel



#############
internal_net = "192.168.2.0/24"
int_if = "rl2"
ext_if1 = "rl0"
ext_if2 = "rl1"
ext_gw1 = "200.247.xxx.29"
ext_gw2 = "192.168.1.254"

scrub in all

nat on $ext_if1 from $internal_net to any -> ($ext_if1)
nat on $ext_if2 from $internal_net to any -> ($ext_if2)

rdr on $int_if proto tcp from any to any port 80 -> 192.168.2.254 port 3128
#127.0.0.1 nao funfa

pass in all
pass out all

pass quick on lo0 all
pass out on $int_if from any to $internal_net
pass in quick on $int_if from $internal_net to $int_if

pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) }
round-robin proto tcp from any to any flags S/SA modulate state

pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) }
round-robin proto { udp, icmp } from any to any keep state

pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any

pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state

#############
----- Original Message -----
From: "Giovanni P. Tirloni" <gpt em tirloni.org>
To: "Grupo Brasileiro de Usuarios FreeBSD" <fugspbr em fugspbr.org>
Sent: Thursday, July 17, 2003 5:45 PM
Subject: Re: [FUGSPBR] [OFFTOPIC] PF


> >pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) }
> > round-robin proto tcp from $internal_net to any flags S/SA modulate
state

 pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) }
    round-robin proto tcp from any to any flags S/SA modulate state

> >pass in on $int_if route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) }
> > round-robin proto { udp, icmp } from $internal_net to any keep state

 mesma coisa.

_______________________________________________________________
Sair da Lista: http://www2.fugspbr.org/mailman/listinfo/fugspbr
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/

Mais detalhes sobre a lista de discussão freebsd