[ previous ] [ next ] [ threads ]
 
 From:  "C. Falconer" <cfalconer at avonside dot school dot nz>
 To:  'Xavier Beaudouin' <kiwi at oav dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Transparent proxy with 3rd party machine ?
 Date:  Thu, 04 Nov 2004 09:06:38 +1300
What I suggest is add a rule to block internal machines from accessing
anything on the WAN on port 80.
That means that users MUST use the proxy to get out.

Unf it requires a config change on the clients, which may not be possible.
You can look at solutions like wpad and the strange dhcp options that some
systems support, but theres no standard for http_proxy config.

Otherwise put the squid box outside the m0n0wall, and even have a second
m0n0wall to protect the lot from the net.


-----Original Message-----
From: Xavier Beaudouin [mailto:kiwi at oav dot net] 
Sent: Thursday, 4 November 2004 4:36 a.m.
To: Peter Parnican
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Transparent proxy with 3rd party machine ?





> In my office im using  602LanSuite and it looks like this:
>
> DSL router Zyxel (but You can use m0n0)
> |
> proxy server (mail, web, ftp server)
> |
> local users
>
> So it could be very similar...

Yes it could be...

But here is what I want :


DSL Modem (with ethernet)
|
Monowall ---(DMZ)--- Proxy server
|
local users


So this is not proxy server that have to make transparent proxy but 
monowall... So that's why there is my question here...

/Xavier

--
Xavier Beaudouin - Unix System Administrator & Projects Leader. President of
Kazar Organization : http://www.kazar.net/ Please visit http://caudium.net/,
home of Caudium & Camas projects


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch