I read in the m0n0wall documentation that transparent proxying is not
supported because of the issue of figuring out what the actual HTTP request
is. I have pretty much the same situation as described here
M0n0-----DMZ (proxy server = 10.0.1.2)
LAN (clients - 10.0.0.0/28)
The idea is to have HTTP traffic forced through the proxy server which is in
fact possible with m0n0wall and squid under linux.
I followed the squid docs on transparent proxies
(http://www.squid-cache.org/Doc/FAQ/FAQ-17.html) adding these lines:
to my squid.conf so that squid recognizes hijacked connections.
Then I added a redirect rule in m0n0wall via exec.php:
echo "rdr rl0 0/0 port http -> 10.0.1.2 port 3128" > rules
ipnat -f rules
And lo and behold, any traffic on port 80 going into my LAN interface is
redirected to the squid proxy.
Obviously this will not work for situations where the proxy server resides
on the LAN interface but with some tweaking of the redirect rule it should
Also I don't know about other proxy servers and whether they can intercept
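
The problem mentioned at the top of this post, figuring out what the actual HTTP request is, arises because an intercepted client sends only a path in its request line. The sketch below is an added example, not part of the original post and not squid's code: it rebuilds the URL from the Host header and falls back to the pre-redirect destination address. The names `reconstruct_url`, `BadRequest` and `orig_dst`, and the sample request, are constructed for illustration.

```python
class BadRequest(ValueError):
    """Raised when the intercepted request cannot be mapped to one URL."""


def reconstruct_url(raw, orig_dst):
    """Return (absolute_url, source) for an intercepted HTTP request.

    raw      -- request bytes as received on the redirected connection
    orig_dst -- (ip, port) the client originally connected to; how the
                proxy learns this (e.g. from the NAT table) is assumed
                and outside this sketch
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    try:
        method, target, version = lines[0].split(" ")
    except ValueError:
        raise BadRequest("malformed request line")

    # A client configured to use a proxy already sends the full URL.
    if target.lower().startswith("http://"):
        return target, "absolute-form"
    if not target.startswith("/"):
        raise BadRequest("unsupported request target")

    # The Host header is supplied by the client, so it is untrusted input:
    # refuse ambiguous requests instead of picking one value.
    hosts = [l.split(":", 1)[1].strip() for l in lines[1:]
             if l.lower().startswith("host:")]
    if len(hosts) > 1:
        raise BadRequest("multiple Host headers")
    if hosts and hosts[0]:
        return "http://" + hosts[0] + target, "host-header"

    # No Host header (typical for HTTP/1.0): only the original destination
    # address is left to identify the server.
    ip, port = orig_dst
    authority = ip if port == 80 else "%s:%d" % (ip, port)
    return "http://" + authority + target, "original-dst"


if __name__ == "__main__":
    # Constructed sample request, as a redirected LAN client would send it.
    sample = (b"GET /index.html HTTP/1.1\r\n"
              b"Host: www.example.com\r\n\r\n")
    print(reconstruct_url(sample, ("192.0.2.10", 80)))
```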