
PF - traffic count and transparent proxy



Hello,

everything I did a traffic count with transparent
proxy without any problems. In the new PF I found
a feature called tables. I made 6 counters: to/from
local, to/from backbone and to/from other nets.

Now my pf.conf looks like this:

table <ua-ix> persist file "/etc/squid/ua-ix.tbl"
pass in on fxp1 from 192.168.0.42 to ! <ua-ix>
pass in on fxp1 from 192.168.0.42 to 192.168/16
pass in on fxp1 from 192.168.0.42 to <ua-ix>
pass out on fxp1 from ! <ua-ix> to 192.168.0.42
pass out on fxp1 from 192.168/16 to 192.168.0.42
pass out on fxp1 from <ua-ix> to 192.168.0.42

With the default statement order of rulesets (options,
normalization, queueing, translation, filtering),
when the redirect function is enabled

rdr on fxp1 proto tcp from any to any port 80 -> 127.0.0.1 port 3148

all packets from 192.168.0.42 for port 80 have
their real destination address changed to the proxy address BEFORE
they are counted. The counters lie.

When the redirect is disabled, everything counts right
but the proxy is inactive.

Here is my question:

Is there a way to set a "translation" AFTER "filtering"?


Thanks, vlader
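
Added example (not part of the original post): a small Python model of the evaluation order described above, showing which of the three "pass in" rules is charged for each packet from 192.168.0.42 with the rdr rule off and on. The <ua-ix> table contents and the sample traffic are constructed, and the model assumes last-match rule selection (no "quick") and ignores state tracking.

```python
import ipaddress

# Constructed stand-in for /etc/squid/ua-ix.tbl (documentation prefixes, assumed).
UA_IX = [ipaddress.ip_network("198.51.100.0/24"), ipaddress.ip_network("203.0.113.0/24")]
LOCAL = ipaddress.ip_network("192.168.0.0/16")
PROXY = (ipaddress.ip_address("127.0.0.1"), 3148)

def in_ua_ix(addr):
    return any(addr in net for net in UA_IX)

# The three "pass in on fxp1 from 192.168.0.42" rules, in the order given in the post.
PASS_IN = [
    ("to ! <ua-ix>", lambda d: not in_ua_ix(d)),
    ("to 192.168/16", lambda d: d in LOCAL),
    ("to <ua-ix>", in_ua_ix),
]

def translate(dst, dport, rdr_enabled):
    """Model of: rdr on fxp1 proto tcp from any to any port 80 -> 127.0.0.1 port 3148"""
    if rdr_enabled and dport == 80:
        return PROXY
    return dst, dport

def counted_rule(dst, dport, rdr_enabled):
    """Label of the rule whose counter is charged; translation runs before filtering."""
    dst, dport = translate(ipaddress.ip_address(dst), dport, rdr_enabled)
    matched = None
    for label, matches in PASS_IN:  # without "quick", the last matching rule wins
        if matches(dst):
            matched = label
    return matched

def tally(packets, rdr_enabled):
    counts = {label: 0 for label, _ in PASS_IN}
    for dst, dport in packets:
        counts[counted_rule(dst, dport, rdr_enabled)] += 1
    return counts

# Constructed TCP traffic from 192.168.0.42: (destination address, destination port).
SAMPLE = [("198.51.100.7", 80), ("203.0.113.9", 80), ("192.168.1.5", 80),
          ("192.0.2.1", 80), ("198.51.100.7", 443)]

if __name__ == "__main__":
    print("rdr off:", tally(SAMPLE, False))
    print("rdr on: ", tally(SAMPLE, True))
```

With rdr on, every port-80 packet reaches the filter with destination 127.0.0.1, so it is charged to the "to ! <ua-ix>" rule whatever its real destination was.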


