2 things,
1st, you're going to want to put in rules like:
Allow - 192.168.0.200 anyPort to anyIP port 80 tcp
Deny - anyIP anyPort to AnyIP port 80 tcp

This will cause any client trying to make a direct http connection to
the internet to fail,  all http requests must pass thru the squid
server.

2nd
You're going to need to configure your clients to use the proxy,
there's a couple ways to do that, someone else would be better suited to
help you with that...

-Mike



-----Original Message-----
From: Luciano Areal [mailto:luciano dot areal at bizvox dot com dot br] 
Sent: Wednesday, November 07, 2007 9:20 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Setting up a Squid traffic on M0n0wall

Hi folks!

 

It's my first access on this list. I just have a little question for the
pros ;-).

 

In my office, I have a network LAN using the 192.168.0.0 /24 scheme. The
M0n0wall gateway is the 192.168.0.254. I'm using a 1024 Kbps frame-relay
connection here. The scheme follows:

 

 

[LAN clients] <---> [M0n0wall box] <---> [Internet]

 

 

I've finished a Squid server here (192.168.0.200) and my intention is
making
all HTTP requests from my clients to pass through the Squid server, and
then, all traffic from the Squid server pass through the M0n0wall box,
just
like this:

 

 

[LAN clients] <---HTTP---> [Squid box] <---> [M0n0wall box] <--->
[Internet]

 

How can I set it up on the M0n0wall box? Anyone here have configured
anything similar?

 

Lots of thanks in advance and regards,

Luciano

 

 



  _____  

avast! Antivirus <http://www.avast.com> : Outbound message clean. 


Virus Database (VPS): 071106-0, 06/11/2007
Tested on: 7/11/2007 11:19:40
avast! - copyright (c) 1988-2007 ALWIL Software.