From 813878498043aa90e98219ae65af462377ea4bee Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Fri, 10 Feb 2017 13:51:29 +0100
Subject: [PATCH] (CP) fix transparant mode, closes
 https://github.com/opnsense/core/issues/1391

---
 src/opnsense/service/templates/OPNsense/IPFW/ipfw.fw.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/opnsense/service/templates/OPNsense/IPFW/ipfw.fw.conf b/src/opnsense/service/templates/OPNsense/IPFW/ipfw.fw.conf
index 6fd3f5bbe..9cbf60189 100644
--- a/src/opnsense/service/templates/OPNsense/IPFW/ipfw.fw.conf
+++ b/src/opnsense/service/templates/OPNsense/IPFW/ipfw.fw.conf
@@ -5,10 +5,12 @@
 {% for cp_zone in cp_interface_list %}
 {% if cp_zone.obj.transparentHTTPProxy|default('0') == '1' %}
 # HTTP redirect {{ cp_zone.zone }}
+add 60005 skipto 65533 tcp from me to any dst-port 80 via {{ cp_zone.if }}
 add 65532 fwd 127.0.0.1,{{ OPNsense.proxy.forward.port }} tcp from any to any dst-port 80 via {{ cp_zone.if }}
 {% endif %}
 {% if cp_zone.obj.transparentHTTPSProxy|default('0') == '1' %}
 # HTTPS redirect {{ cp_zone.zone }}
+add 60005 skipto 65533 tcp from me to any dst-port 443 via {{ cp_zone.if }}
 add 65532 fwd 127.0.0.1,{{ OPNsense.proxy.forward.sslbumpport }} tcp from any to any dst-port 443 via {{ cp_zone.if }}
 {% endif %}
 {% endfor %}