Jeb Campbell wrote:
>> I did the same thing. It can be configured via the webGUI for OPT
>> interfaces (LAN requires a manual editing and upload of your config.xml).
>> However, the disadvantage is that since it's NAT, it doesn't work on
>> bridges. Another disadvantage is that since it's merely a port
>> redirection, you can't log HTTP traffic. I think the correct way to solve
>> this problem is to bloat m0n0wall a bit and install an HTTP proxy server
>> of some sort.
> I'm looking at transproxy -- very small (21K) and in freebsd ports, but
> I have not used it all (yet).
> Just need to figure out the best firewall rules.
I'm obviously approaching this functionality with the desire to find
some way to make transparent proxying work on a filtered bridge interface.
So I'm actually wondering if transparent proxy over a bridged connection
is even possible with a userland proxy daemon. Wouldn't we still need
to redirect port 80 from the bridge to the daemon's port? Since we
can't use NAT for this, is there another package out there capable of
> It also supports pass through if the proxy server dies.
That's a very nice feature, indeed. That alone would be a welcome
improvement over an ipnat redirect rule, but I'd still like to
see if we can find a solution that works on a filtering bridge.
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)