I tried and tried to get this to work with squid on the same interface
as the clients who need the squid redirection, but in the end this
doesn't seem possible. The two ways I found to make this work are...

1) Bridge 2 NICs in the squid box (glorified switch), place it between
switch and monowall. Have it redirect traffic from port 80 to squid
set up to be a transparent proxy. Downside is if the machine is restarted,
or goes down, all network traffic to monowall goes down.

2) Put squid on OPT1, etc. interface so it's separate from LAN. Place the
below rule, modified to your needs, in your config file and upload it to
monowall. Set squid to be a transparent proxy and you're good to go.
Downside is that squid is on another interface, but if squid goes down
you only lose HTTP traffic.

External port is the LAN port that you want to redirect, obviously port 80.
Target is the squid box IP address, local port is the port on squid, default
is 3128 for proxy; make sure squid is configured as a transparent proxy.

From: Ernesto Rojas Rodriguez [mailto:ernesto at cubarte dot cult dot cu]
Sent: Monday, April 17, 2006 4:05 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Http request redirect to Squid

I would like to redirect all HTTP requests made to the monowall by
clients of the LAN to a machine running Squid, to take advantage of
this service. I have the Squid running on a PC on the LAN.