[ previous ] [ next ] [ threads ]
 From:  Marko Vukovic <marko at aquamanta dot co dot za>
 To:  m0n0wall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Transparent Proxy Support
 Date:  Tue, 22 Nov 2005 18:05:31 +0200
Graham, Robert wrote:
> I have search the archives and found "somewhat conflict posts"
> regarding transparent proxy support with M0n0wall.  

No the most elegant solution, but this is what I suggested in an earlier 

I would put a separate *NIX machine on your internal lan, configured 
with Squid and DansGuardian (http://dansguardian.org/), and for 
transparent (intercept) caching 
(http://www.squid-cache.org/Doc/FAQ/FAQ-17.html) and packet forwarding.

On your m0n0wall, allow only this machine out on TCP port 80 (HTTP) and 
manually set your client machines' default route as this Squid box, or 
if you're using the m0n0wall for DHCP, add a <gateway>x.x.x.x</gateway> 
line in the config file (DHCP section), replacing x.x.x.x with your 
Squid machine's IP.