PF - traffic count and transparent proxy
- To: tech_(_at_)_openbsd_(_dot_)_org
- Subject: PF - traffic count and transparent proxy
- From: Vlader <openbsd_(_at_)_usr_(_dot_)_com_(_dot_)_ua>
- Date: Wed, 28 May 2003 01:41:01 +0300
everything I did a traffic count with transparent
proxy without any problems. In the new PF I found
such a function as table. I made 6 counters: to/from
local, to/from backbone and to/from other nets.
Now my pf.conf looks like this:
table <ua-ix> persist file "/etc/squid/ua-ix.tbl"
pass in on fxp1 from 192.168.0.42 to ! <ua-ix>
pass in on fxp1 from 192.168.0.42 to 192.168/16
pass in on fxp1 from 192.168.0.42 to <ua-ix>
pass out on fxp1 from ! <ua-ix> to 192.168.0.42
pass out on fxp1 from 192.168/16 to 192.168.0.42
pass out on fxp1 from <ua-ix> to 192.168.0.42
In the default statement order of rulesets (options,
normalization, queueing, translation, filtering),
when the redirect function is enabled
rdr on fxp1 proto tcp from any to any port 80 -> 127.0.0.1 port 3148
all packets from 192.168.0.42 for port 80 have their
real destination address changed to the proxy address BEFORE
they are counted. The counters lie.
When redirect is disabled, everything counts right
but the proxy is inactive.
Here is my question:
Is there a way to set a "translation" AFTER "filtering"?
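
The miscount described in the message above can be reproduced with a small model of pf's evaluation order (translation first, then last-matching filter rule). This is an added example, not part of the original post; the <ua-ix> table contents and the sample packets are constructed, and only the three "pass in" rules are modelled.

```python
import ipaddress

# Constructed stand-in for the <ua-ix> table; the real file is not on the page.
UA_IX = [ipaddress.ip_network("198.51.100.0/24")]
LOCAL = ipaddress.ip_network("192.168.0.0/16")
CLIENT = ipaddress.ip_address("192.168.0.42")
PROXY = (ipaddress.ip_address("127.0.0.1"), 3148)

def in_ua_ix(addr):
    return any(addr in net for net in UA_IX)

# The three "pass in on fxp1 from 192.168.0.42" rules, in pf.conf order.
# Without "quick", pf accounts a packet to the LAST rule that matches.
IN_RULES = [
    ("other", lambda dst: not in_ua_ix(dst)),    # to ! <ua-ix>
    ("local", lambda dst: dst in LOCAL),         # to 192.168/16
    ("backbone", in_ua_ix),                      # to <ua-ix>
]

def rdr(dst, port):
    # rdr on fxp1 proto tcp from any to any port 80 -> 127.0.0.1 port 3148
    return PROXY if port == 80 else (dst, port)

def count(packets, redirect):
    """Return bytes per counter; translation runs before filtering."""
    counters = {name: 0 for name, _ in IN_RULES}
    for src, dst, port, size in packets:
        if ipaddress.ip_address(src) != CLIENT:
            continue
        dst = ipaddress.ip_address(dst)
        if redirect:
            dst, port = rdr(dst, port)  # filter rules now see 127.0.0.1
        matched = None
        for name, matches in IN_RULES:
            if matches(dst):
                matched = name          # keep going: last match wins
        if matched:
            counters[matched] += size
    return counters

# Constructed traffic: (src, dst, dst port, bytes)
SAMPLE = [
    ("192.168.0.42", "198.51.100.10", 80, 1500),  # backbone web
    ("192.168.0.42", "192.168.1.5", 80, 400),     # local web
    ("192.168.0.42", "203.0.113.9", 80, 900),     # other nets web
    ("192.168.0.42", "198.51.100.10", 22, 100),   # backbone, not port 80
]

if __name__ == "__main__":
    print("rdr off:", count(SAMPLE, redirect=False))
    print("rdr on: ", count(SAMPLE, redirect=True))
```

With the redirect on, every port-80 packet is accounted to the "other nets" rule, because 127.0.0.1 is neither in the table nor in 192.168/16.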