Date: 25-01-01 02:05
i am confused ... are you asking a question or telling us about your setup?
i mean, according to your setup, assuming rule list is complete, here is what is/may be...
(note to self: ipfw applies the 1st rule, ipf - which i use - applies the last)
* ipfw add 001 allow tcp from 192.168.10.1 to any 80
- allow proxy server to connect to any other address /only/ on port 80
* ipfw add 002 allow tcp from any to 192.168.10.1 80
- allow any other address to connect to proxy server /only/ on port 80
* ipfw add 003 deny tcp from any to any 80
- if a connection isn't coming from or going to proxy server on port 80 wrt firewall host, then deny connection.
...which is what you want: block anybody not going thru' the proxy. so the source of my confusion. nonetheless, what else may be happening...
- default behaviour (or, options compiled in the kernel) of ipfw is to deny. given the rules list is complete, 3rd rule becomes redundant, since first 2 rules allow connection only to/from 192.168.10.1:80, nothing else goes in or out.
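
Added example, not part of the original post: a small first-match evaluator over the three rules quoted above, showing when rule 003 changes the outcome depending on the default action. The packet samples, class names and function names are constructed for illustration; only TCP and the destination port are modelled, and state and return traffic are not.

```python
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    num: int
    action: str               # "allow" or "deny"
    src: Optional[str]        # None stands for "any"
    dst: Optional[str]
    dst_port: Optional[int]

class Packet(NamedTuple):     # all packets are assumed to be TCP
    src: str
    dst: str
    dst_port: int

PROXY = "192.168.10.1"
RULES = [                     # the three rules from the post
    Rule(1, "allow", PROXY, None, 80),
    Rule(2, "allow", None, PROXY, 80),
    Rule(3, "deny", None, None, 80),
]

# Constructed sample traffic (addresses other than the proxy are made up).
SAMPLES = [
    Packet(PROXY, "203.0.113.7", 80),             # proxy -> web server
    Packet("192.168.10.50", PROXY, 80),           # client -> proxy
    Packet("192.168.10.50", "203.0.113.7", 80),   # client bypassing the proxy
    Packet("192.168.10.50", "203.0.113.7", 443),  # unrelated port
]

def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.src in (None, pkt.src)
            and rule.dst in (None, pkt.dst)
            and rule.dst_port in (None, pkt.dst_port))

def evaluate(rules, pkt, default_action):
    """First matching rule wins (lowest number first); else the default."""
    for rule in sorted(rules, key=lambda r: r.num):
        if matches(rule, pkt):
            return rule.action, rule.num
    return default_action, None

def verdicts(rules, default_action):
    return [evaluate(rules, p, default_action)[0] for p in SAMPLES]

def rule3_is_redundant(default_action: str) -> bool:
    """True if dropping rule 3 leaves every sample verdict unchanged."""
    without = [r for r in RULES if r.num != 3]
    return verdicts(RULES, default_action) == verdicts(without, default_action)

if __name__ == "__main__":
    for default in ("deny", "allow"):
        print(default, verdicts(RULES, default), rule3_is_redundant(default))
```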