[ previous ] [ next ] [ threads ]
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "Ryan Wagoner" <Ryan at wgnrs dot dynu dot com>, "Ernesto Rojas Rodriguez" <ernesto at cubarte dot cult dot cu>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Http request redirect to Squid
 Date:  Tue, 18 Apr 2006 02:03:11 +0200
3rd option (not for small budgets)

If you have Cisco in front of m0n0wall redirect http traffic to the
webcache using WCCP. In both scenario's (squid up/down) the http traffic
will still be working.


> -----Oorspronkelijk bericht-----
> Van: Ryan Wagoner [mailto:Ryan at wgnrs dot dynu dot com]
> Verzonden: dinsdag 18 april 2006 1:08
> Aan: Ernesto Rojas Rodriguez
> CC: m0n0wall at lists dot m0n0 dot ch
> Onderwerp: RE: [m0n0wall] Http request redirect to Squid
> I tried and tried to get this to work with squid on the same interface
> as the clients who need the squid redirection, but in the end this
> doesn't seem possible. The two ways I found to make this work are...
> 1) Bridge 2 NICs in the squid box (glorified switch), place it between
> switch and monowall. Have it redirect traffic from port 80 to squid
> setup to be transparent proxy. Downside is if the machine is
> or goes down all network traffic to monowall down.
> 2) Put squid on OPT1, etc interface so its separate from lan. Place
> below rule, modified to your needs, in your config file and upload it
> monowall. Set squid to be transparent proxy and your good to go.
> Downside is that squid is on another interface, but if squid goes down
> you only loose http traffic.
> 	<nat>
> 		<rule>
> 			<protocol>tcp</protocol>
> 			<external-port>80</external-port>
> 			<target></target>
> 			<local-port>3128</local-port>
> 			<interface>lan</interface>
> 			<descr>HTTP PROXY</descr>
> 		</rule>
> 	</nat>
> External port is lan port that you want to redirect, obviously port
> Target is squid box ip address, local port is the port on squid,
> is 3128 for proxy, make sure squid is configure as transparent proxy.
> Ryan Wagoner
> -----Original Message-----
> From: Ernesto Rojas Rodriguez [mailto:ernesto at cubarte dot cult dot cu]
> Sent: Monday, April 17, 2006 4:05 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Http request redirect to Squid
> Hi!
> I would like to redirect all http request made to the monowall  by
> clients of the LAN  to a machine running
> Squid, to take advantage of this service. I have the Squid running on
> Pc on the LAN.
> Thanks!
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch