|
||||||||
While migrating several douzens of users' PCs and servers from an old firewall that is HTTP-transparent (port 80) to a new firewall that requires the use of a HTTP proxy (port 8080), I come across simiar requirements: 1. inform users about the required change in their client/browser configuration, e.g. to load a proxy.pac file that sets the proxy with port 8080; 2. during a grace/transition period, transparently "transform" HTTP requests to port 80 of the old firewall to port 8080 of the new firewall/proxy; 3. the solution for 1. and 2. should integrate into the setup by inserting this "interceptor/redirector" in front of the old firewall. The Captive Portal of m0n0wall nicely resolves 1. A Transproxy daemon (tproxyd) can provide 2 (inspired by previous poster). m0n0wall's filtering bridge would ideally be solve requirement 3. Unfortunately, the Captive Portal and bridging are mutually exclusive yet. Thus I try now to integrate tproxyd into m0n0wall and run it in routed mode instead of bridged mode. Up to now I have successfully tested tproxyd as proof of concept on a Linux-based system. Right now I assemble a FreeBSD developper environment in order to get tproxyd into m0n0wall. Rolf |