[ previous ] [ next ] [ threads ]
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'Jason Crowley'" <jcrowley at kc dot rr dot com>, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall-dev] Web Proxy Service for m0n0wall
 Date:  Tue, 18 May 2004 11:47:12 +0200
> -----Original Message-----
> From: Jason Crowley [mailto:jcrowley at kc dot rr dot com]
> Sent: dinsdag 18 mei 2004 0:32
> To: m0n0wall dash dev at lists dot m0n0 dot ch
> Subject: [m0n0wall-dev] Web Proxy Service for m0n0wall
> Hello all,
> I've been working on adding a web proxy service to m0n0wall for access
> control and logging purposes.  This service is an integral 
> part of many
> firewall packages, and I think it would be a good addition to 
> m0n0wall.
> I currently have a rough build of the service running on 
> version 1.0.  I
> want to get some feedback from you all, especially Manuel.  
> Do you think
> this would be a valueable addition to the m0n0wall package?  Should I
> continue to build it as a part of m0n0wall or should I attempt to make
> it a separate loadable module.  Of course it would be much 
> easier for me
> to build it as part of m0n0wall.  Thanks!
> Screenshots:  
> http://home.kc.rr.com/innonet/services_webproxy.jpg
> http://home.kc.rr.com/innonet/services_webproxy_rules.jpg
> http://home.kc.rr.com/innonet/services_webproxy_rules_edit.jpg
> http://home.kc.rr.com/innonet/services_webproxy_acls.jpg
> http://home.kc.rr.com/innonet/services_webproxy_acls_edit.jpg
> http://home.kc.rr.com/innonet/services_webproxy_users.jpg
> http://home.kc.rr.com/innonet/services_webproxy_users_edit.jpg
> Image for Soekris net45xx
> http://home.kc.rr.com/innonet/net45xx-1.0-webproxy.img
> One caveat:  In order for the web proxy service to work, you 
> must have a
> DNS server setup.  If you don't receive DNS servers from DHCP on your
> WAN interface, you'll have to add them manually in the general setup
> page.  
> I'm sure there are bugs and I know I need to do a lot on the
> documentation side.  The web proxy is based on Squid
> (http://www.squid-cache.org); you can find some documentation there.
> You need to point your browser to port 3128 on your m0n0wall 
> box to use
> the service.  
> Let me know what you think.  
> Jason Crowley
> Innovative Networks

Some VERY NICE work indeed!
I for one like the idea of a proxy on the m0n0wall, following Watchguard
etc. features.
For small businesses, this would be a killer app! If it is possible, I would
like it to be a part of m0n0wall (not activated by default of course). Maybe
there could be some option to select 3 possibilities: 1-no port 80 redirect,
2-redirect to internal proxy, 3-redirect to external proxy (maybe this could
be done on the app level, so all http could be redirected, but I don't know
if that's possible).

Thanks very much already for the work!


Oce enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be