イカ 2.7 - FreeBSD 8.2
ipfilter が有効になっていると、squid でのインターネット エクスペリエンスが遅すぎます。これは私の現在の構成です:
rl0 = 内部 LAN bge0 = インターネット WAN
ipf.rules:
pass out quick on rl0 all
pass in quick on rl0 all
# out to internet
pass out quick on bge0 proto tcp from any to any port = 8080 flags S keep state
pass out quick on bge0 proto tcp from any to any port = 80 flags S keep state
pass out quick on bge0 proto tcp from any to any port = 443 flags S keep state
# Query to internet provider DNS
pass out quick on bge0 proto tcp from any to x.x.x.x port = 53 flags S keep state
pass out quick on bge0 proto udp from any to x.x.x.x port = 53 keep state
# protect my network
block out log first quick on bge0 all
block in log first quick on bge0 all
# others
pass in quick on lo0 all
pass out quick on lo0 all
すべてのトラフィックを開くと、インターネット接続は正常に機能します。
pass in quick on bge0 all
pass out quick on bge0 all
なにが問題ですか?