lomos
27-03-2012, 15:07
Помогите !!! уже неделю бьюсь все бестолку, сроки горят!, необходимо выпустить в инет один комп по IP в обход squid через pf, сейчас у меня такие правила:
set state-policy if-bound
nat on $ext_if inet from 192.168.0.100 to !(self) -> ($ext_if)
block in
block out
pass out on $ext_if inet from $ext_if to any
#SQUID
pass in quick on $int_if inet from $int_if:network to $int_if
pass out quick on $int_if inet from $int_if to $int_if:network
pass out on $ext_if from 192.168.0.100 to any keep state
set state-policy if-bound
nat on $ext_if inet from 192.168.0.100 to !(self) -> ($ext_if)
block in
block out
pass out on $ext_if inet from $ext_if to any
#SQUID
pass in quick on $int_if inet from $int_if:network to $int_if
pass out quick on $int_if inet from $int_if to $int_if:network
pass out on $ext_if from 192.168.0.100 to any keep state