Re: Ipfwadm -r option

Adam Goryachev (
Tue, 29 Jul 1997 09:51:29 +1000

Mike Davis wrote:
> Hi all
> I am trying to redirect (transparently) all the Web traffic (port 80)
> going through my Linux router, into Squid, running on the same box.
> I have tried the Ipfwadm -r option as follows:
> ipfwadm -a accept -I -D 0/0 80 -r 3128 ( as in the the Net HOWTO's)
> and had to add -P tcp , before it would be accepted ... but then I
> get:
> Linux kernel v2.0.30 (CONFIG_TRANSPARENT_PROXY set and kernel
> re-compiled)
> Ipfwadm ver 2.3.0
> RedHat ver 4.2

I think this is your problem, 2.0.30 still hasn't been fixed AFAIK, altho the
closest I got was to have the re-directiuons to go to the localhost correctly,
but it wouldn't re-direct to the appropriate port.
ie, if you used the command:
ipfwadm -a accept -I -P tcp -D 0/0 80 -r 3128
then you would find all the traffic destined for 80 instead going to
localhost 80 (NOT localhost 3128 as it should).

If anyone has seen a fix for this, then I would be happy to give it a go, but
the only solution I have yet found was to revert to 2.0.29.