[ previous ] [ next ] [ threads ]
 
 From:  Jon Saints <saintsjd at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] monowall with squid transparent proxy
 Date:  Fri, 24 Nov 2006 08:23:45 -0800 (PST)
Thanks! it worked.

In our monowall configuration file We changed:
<nat>
  <advancedoutbound/>
</nat>

to:
<nat>
  <rule>
    <protocol>tcp</protocol>
    <external-port>80</external-port>
    <target>192.168.1.7</target>
    <local-port>80</local-port>
    <interface>lan</interface>
    <descr>redirect HTTP to LAN HTTP Squid Proxy
server</descr>
  </rule>
  <advancedoutbound/>
</nat>

NOTE: adding this rule to NAT disabled access to the
monowall webGUI from our LAN.  To get around it we had
to change the port for the WebGUI from 80 to 81.

Thanks again,
Jon

--- Lee Sharp <leesharp at hal dash pc dot org> wrote:

> From: "Jon Saints" <saintsjd at yahoo dot com>
> 
> > We would like to use monowall to forward packets
> to a
> > transparent squid proxy.  Is there a command that
> we
> > can run in exec.php inorder to accomplish this?
> 
> > Our Lan interface is xl0
> > Our WAN interface is xl1
> 
> > our squid proxy is 192.168.1.7 listening on port
> 80
> > and 8080
> 
> An old post that may help.  Adapt as you need it.
> 
> 
> ----- Original Message ----- 
> From: "Jonathan De Graeve"
> <Jonathan dot De dot Graeve at imelda dot be>
> To: "Chris Buechler" <cbuechler at gmail dot com>
> Cc: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Thursday, September 29, 2005 2:51 PM
> Subject: RE: [m0n0wall] NAT question: redirect all
> outgoing SMTP to or own 
> SMTP-server
> 
> 
> It surely would piss me off to and would hate it if
> my ISP would do that
> but indeed its for the clueless users who don't know
> how to change there
> settings... :(
> 
> My clients are located on LAN, SMTP server is
> located on WAN
> 
> Will the rules be something like this then?
> 
> <nat>
>  <rule>
>   <protocol>tcp</protocol>
>   <external-port>25</external-port>
>   <target>192.168.1.5</target>
>   <local-port>25</local-port>
>   <interface>wan</interface>
>   <descr>redirect SMTP to WAN SMTP server</descr>
>  </rule>
>  </nat>
> 
> --
> Jonathan De Graeve
> Network/System Administrator
> Imelda vzw
> Informatica Dienst
> 015/50.52.98
> Jonathan dot de dot graeve at imelda dot be
> -----Oorspronkelijk bericht-----
> Van: Chris Buechler [mailto:cbuechler at gmail dot com]
> Verzonden: donderdag 29 september 2005 22:41
> CC: m0n0wall at lists dot m0n0 dot ch
> Onderwerp: Re: [m0n0wall] NAT question: redirect all
> outgoing SMTP to or
> own SMTP-server
> 
> On 9/29/05, Chris Bagnall <m0n0wall at minotaur dot cc>
> wrote:
> >
> > I'd have to put it down as "very annoying"
> actually.
> >
> 
> Agreed and it'd piss me off for sure, but I
> understand the necessity
> of it for 99.9% of clueless users out there.
> 
> I recall something in the archives about somebody
> doing something
> similar using a hacked NAT rule.
> 
> Like manually put something like this in your
> config.xml backup and
> restore it.
> 
>  <nat>
>  <rule>
>   <protocol>tcp</protocol>
>   <external-port>25</external-port>
>   <target>192.168.1.5</target>
>   <local-port>25</local-port>
>   <interface>lan</interface>
>   <descr>redirect SMTP to LAN SMTP server</descr>
>  </rule>
>  </nat>
> 
> where 192.168.1.5 is your SMTP server.
> 
> That might really screw stuff up though, so test it
> thoroughly first
> to make sure it has no unintended consequences (if
> it works at all).
> 
> If someone tries it, please let me know if it works.
> 
> -Chris
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 
>