[ previous ] [ next ] [ threads ]
 
 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Settings For Squid Transparent Proxy
 Date:  Thu, 2 Feb 2006 13:45:03 -0600
From: "Ryan Wagoner" <Ryan at wgnrs dot dynu dot com>

> I have m0n0wall setup between my DSL modem and home network.
> Its IP is 10.10.1.1. I have a Fedora squid server running at 10.10.1.6
>. What I want to do is setup a rule so that any oubound traffic on port 80
> not coming from squid 10.10.1.6 gets redirected to squid. That why I
> can have a transparent proxy for port 80. How do I go about doing this?
> I know I need the rule on the LAN side, but can the rules page redirect
> traffic?? I thought this was only possible from NAT. I just don't want to
> put in some random rules and upset the network.

Chris posted this a while back...

                            Lee

I recall something in the archives about somebody doing something
similar using a hacked NAT rule.

Like manually put something like this in your config.xml backup and
restore it.

 <nat>
 <rule>
  <protocol>tcp</protocol>
  <external-port>25</external-port>
  <target>192.168.1.5</target>
  <local-port>25</local-port>
  <interface>lan</interface>
  <descr>redirect SMTP to LAN SMTP server</descr>
 </rule>
 </nat>

where 192.168.1.5 is your SMTP server.

That might really screw stuff up though, so test it thoroughly first
to make sure it has no unintended consequences (if it works at all).

If someone tries it, please let me know if it works.

-Chris