While migrating several douzens of users' PCs and servers from an old
firewall that is HTTP-transparent (port 80) to a new firewall that
requires the use of a HTTP proxy (port 8080), I come across simiar
1. inform users about the required change in their client/browser
configuration, e.g. to load a proxy.pac file that sets the proxy with
2. during a grace/transition period, transparently "transform" HTTP
requests to port 80 of the old firewall to port 8080 of the new
3. the solution for 1. and 2. should integrate into the setup by
inserting this "interceptor/redirector" in front of the old firewall.
The Captive Portal of m0n0wall nicely resolves 1. A Transproxy daemon
(tproxyd) can provide 2 (inspired by previous poster). m0n0wall's
filtering bridge would ideally be solve requirement 3.
Unfortunately, the Captive Portal and bridging are mutually exclusive
yet. Thus I try now to integrate tproxyd into m0n0wall and run it in
routed mode instead of bridged mode.
Up to now I have successfully tested tproxyd as proof of concept on a
Linux-based system. Right now I assemble a FreeBSD developper
environment in order to get tproxyd into m0n0wall.