[ previous ] [ next ] [ threads ]
 
 From:  "Ryan Wagoner" <Ryan at wgnrs dot dynu dot com>
 To:  "Ernesto Rojas Rodriguez" <ernesto at cubarte dot cult dot cu>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Http request redirect to Squid
 Date:  Mon, 17 Apr 2006 19:07:52 -0400 
I tried and tried to get this to work with squid on the same interface
as the clients who need the squid redirection, but in the end this
doesn't seem possible. The two ways I found to make this work are...

1) Bridge 2 NICs in the squid box (glorified switch), place it between
switch and monowall. Have it redirect traffic from port 80 to squid
setup to be transparent proxy. Downside is if the machine is restarted,
or goes down all network traffic to monowall down.

2) Put squid on OPT1, etc interface so its separate from lan. Place the
below rule, modified to your needs, in your config file and upload it to
monowall. Set squid to be transparent proxy and your good to go.
Downside is that squid is on another interface, but if squid goes down
you only loose http traffic.

	<nat>
		<rule>
			<protocol>tcp</protocol>
			<external-port>80</external-port>
			<target>10.10.2.5</target>
			<local-port>3128</local-port>
			<interface>lan</interface>
			<descr>HTTP PROXY</descr>
		</rule>
	</nat>

External port is lan port that you want to redirect, obviously port 80.
Target is squid box ip address, local port is the port on squid, default
is 3128 for proxy, make sure squid is configure as transparent proxy.

Ryan Wagoner

-----Original Message-----
From: Ernesto Rojas Rodriguez [mailto:ernesto at cubarte dot cult dot cu] 
Sent: Monday, April 17, 2006 4:05 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Http request redirect to Squid 

Hi!

 

I would like to redirect all http request made to the monowall  by
clients of the LAN  to a machine running

Squid, to take advantage of this service. I have the Squid running on a
Pc on the LAN.

 

Thanks!