Update transparent HTTP proxy example:

- Use the URL filter to block www.example.com/
- Use "forward to destination" instead of "forward to nat lookup" to use
divert-to instead of rdr-to in PF.

1 files changed, 7 insertions, 3 deletions

diff --git a/etc/relayd.conf b/etc/relayd.conf
index b3011963202..cdcadd8474b 100644
--- a/etc/relayd.conf
+++ b/etc/relayd.conf
@@ -1,4 +1,4 @@
-# $OpenBSD: relayd.conf,v 1.13 2008/03/03 16:58:41 reyk Exp $
+# $OpenBSD: relayd.conf,v 1.14 2011/04/07 13:33:52 reyk Exp $
 #
 # Macros
 #
@@ -82,6 +82,10 @@ http protocol httpfilter {
 	# Return HTTP/HTML error pages to the client
 	return error
 
+	# Block disallowed sites
+	label "URL filtered!"
+	request url filter "www.example.com/"
+
 	# Block disallowed browsers
 	label "Please try a <em>different Browser</em>"
 	header filter "Mozilla/4.0 (compatible; MSIE *" from "User-Agent"
@@ -96,10 +100,10 @@ http protocol httpfilter {
 }
 
 relay httpproxy {
-	# Listen on localhost, accept redirected connections from pf(4)
+	# Listen on localhost, accept diverted connections from pf(4)
 	listen on 127.0.0.1 port 8080
 	protocol httpfilter
 
 	# Forward to the original target host
-	forward to nat lookup
+	forward to destination
 }