[ previous ] [ next ] [ threads ]
 From:  "Barry Murphy" <barry at unix dot co dot nz>
 To:  <Hilton at QuarkAV dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Redirecting *internal* traffic
 Date:  Sat, 24 Apr 2004 11:47:43 +1200
This what I use

60010     714    123223 fwd,8080 tcp from any to any 80 in
recv rl0 being my squid proxy.


-----Original Message-----
From: Hilton Travis [mailto:Hilton at QuarkAV dot com] 
Sent: Saturday, 24 April 2004 11:15 a.m.
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Redirecting *internal* traffic

Hi All,

Posting of this was kinda prompted by Fred's recent "Transparent proxy
support?" question.

I have a project in mind where m0n0wall will play an important part.  A
part of what I want to do is to *not* have a squid box directly inline
with the m0n0wall box, simply to reduce the number of points of failure
in the Internet connection - if I place a squid box between m0n0wall and
the network, if the squid box b0rks, the Internet connection b0rks.

So, what I'd like to be able to do is to have a rule/ruleset on m0n0wall
that redirects all LAN->WAN requests for http/ftp traffic to the squid
server, and only accept http and ftp traffic from the squid server.

This would mean that if the squid box dies, email will still function.

Any clues on relevant rules?



Hilton Travis                   Phone: +61-(0)7-3343-3889
Manager, Quark AudioVisual      Phone: +61-(0)419-792-394
         Quark Computers         http://www.QuarkAV.com/
(Brisbane, Australia)            http://www.QuarkAV.net/

Open Source Projects:		http://www.ares-desktop.org/

Non Linear Video Editing Solutions & Digital Audio Workstations  Network
Administration, SmoothWall Firewalls, NOD32 AntiVirus
  Conference and Seminar AudioVisual Production and Recording

War doesn't determine who is right. War determines who is left.

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch