squid3 and ipfw_transparent macport broke as of Lion?
Daniel J. Luke
dluke at geeklair.net
Tue Dec 6 08:19:09 PST 2011
On Dec 6, 2011, at 10:05 AM, Michael wrote:
> And I've tried the following to configure the firewall via the rule:
>
> sudo ipfw add 1013 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 recv en0
>
> I verified the rule was set via
>
> sudo ipfw list
>
> and it returns:
>
> $ sudo ipfw list
> 01013 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 recv en0
> 65535 allow ip from any to any
is your Mac OS X box routing for all of the (virtual) machines?
> and I also restarted the firewall just in case w/ each rule change. No dice.
>
> I've also configured the kernel as per Step 2: Configure Mac OS X
> kernel' as described originally at:
>
> http://discussions.apple.com/thread.jspa?threadID=2308812&tstart=0
you mean you set
net.inet.ip.scopedroute = 0 ?
> Once setup, the firewall never seems to redirect traffic dst-port 80
> traffic to Squid to handle, but if I directly configure the Squid
> proxy settings (localhost:3128) into say Firefox it performs
> flawlessly... So, the problem seems to be in the ipfw's forwarding of
> any dst-port 80 traffic to squid to handle.
What troubleshooting have you done? Have you used tcpdump (or another tool) to see what packets your machine is seeing?
--
Daniel J. Luke
+========================================================+
| *---------------- dluke at geeklair.net ----------------* |
| *-------------- http://www.geeklair.net -------------* |
+========================================================+
| Opinions expressed are mine and do not necessarily |
| reflect the opinions of my employer. |
+========================================================+
More information about the macports-dev
mailing list