While browsing Slashdot last week, I stumbled upon someone being rather silly with their wireless access point. (For those who'd rather not check the link, he leaves the AP open, then either forwards all port 80 traffic to one particular server or mogrifies any image they view.)
To get to an actual serious question in this post, Squid seemed to have some problems early on where it was waiting to talk to PF, but since it couldn't get a response, it bottlenecked. I noticed in one of the instructions for using it on OpenBSD, they suggest changing the ownership and permissions of /dev/pf (to :_squid and g+rw, respectively). I was just curious if there are any alternatives that anyone else uses?
For reference, the changes I made to the squid.conf file are:
http_port 127.0.0.1:3128 redirect_program /usr/local/bin/redirector http_access deny to_localhost acl our_networks src [my wireless subnet] http_access allow our_networks httpd_accel_port 80 httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on
Thanks!( appendixCollapse )