With the bridge-netfilter integration (http://bridge.sourceforge.net/) you can run transparent proxies on bridges just fine. We even made a cache & firewall product prototype doing this some year ago..
However, you cannot combine HTTP Proxy authentication with transparent proxying. To use HTTP Proxy authentication the browser MUST be configured to use a proxy. Regards Henrik Nordstr�m alias [EMAIL PROTECTED] On Monday 20 May 2002 16:11, Grimes, Shawn (NIA/IRP) wrote: > I'm trying to setup a proxy server for our network and instead of > going around to every machine on the network and configuring their > settings (and them having them unconfigure it as soon as I turn my > back), I figured I could do it at the firewall. I'm using a squid > proxy with PAM authentication using winbindd to authenticate on our > windows domain. And it is running on the same box as our firewall. > So I found this nifty mini-howto ( > http://users.gurulink.com/drk/transproxy/TransparentProxy.html ) > and it said all I needed to do was add the following line: iptables > -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT > --to-port 3128 > > which didn't work. If I do a tcpdump on the bridge/firewall, I can > see the request for the website, i.e. > P 192.168.1.100.1599 > 209.202.221.20.http: S > > But then it doesn't send anything back and I would think that I > shouldn't see that, I should see it going to port 3128. > > Any ideas? > > > > Thank You, > Shawn Grimes > Computer Specialist > NCTS - Gerontology Research Center > 410-558-8007 > [EMAIL PROTECTED] > _______________________________________________ > Bridge mailing list > [EMAIL PROTECTED] > http://www.math.leidenuniv.nl/mailman/listinfo/bridge _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
