|
||||||||
Graham, Robert wrote: > I have search the archives and found "somewhat conflict posts" > regarding transparent proxy support with M0n0wall. No the most elegant solution, but this is what I suggested in an earlier post: I would put a separate *NIX machine on your internal lan, configured with Squid and DansGuardian (http://dansguardian.org/), and for transparent (intercept) caching (http://www.squid-cache.org/Doc/FAQ/FAQ-17.html) and packet forwarding. On your m0n0wall, allow only this machine out on TCP port 80 (HTTP) and manually set your client machines' default route as this Squid box, or if you're using the m0n0wall for DHCP, add a <gateway>x.x.x.x</gateway> line in the config file (DHCP section), replacing x.x.x.x with your Squid machine's IP. -- Marko |