> I have a question regarding a potential module for
> netfilter. Hopefully you can shed some light on this
> idea.
>
> I'm wondering if it is possible to create a new module
> for netfilter that could allow anonymous (?) browsing
> from inside a corporate firewall.

The functionality already exists, in the form of the REDIRECT target (for
the NAT table), and the squid HTTP Proxy.

See the squid FAQ, found at www.squid-cache.org, for a detailed description
of how to achieve this. There is an FAQ section on "transparent proxy with
Linux netfilter", or similar, which describes the netfilter dependent
configuration.

The "anonymizing" can be done using various features of the squid proxy.

This works very well. Any more iptables-in-kernel oriented solution would
be silly.

best regards
Patrick
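
The setup described in the reply above, as an added example that is not part of the original thread: a script that prints (without applying) a NAT-table REDIRECT ruleset and a matching squid.conf fragment. The interface name, the port numbers and the Squid 3.1+ directive syntax are assumptions; the Squid FAQ of the thread's era used different directive names.

```shell
#!/bin/sh
# Added example: generates the two halves of a transparent, header-stripping
# HTTP proxy. Nothing is applied; review the output before loading it.
# Assumed values (not from the thread), overridable from the environment:
LAN_IF="${LAN_IF:-eth1}"           # interface facing the internal clients
PROXY_PORT="${PROXY_PORT:-3129}"   # port where squid accepts redirected traffic

# Refuse values that would inject extra tokens into the generated files.
validate() {
    case "$LAN_IF" in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    case "$PROXY_PORT" in ''|*[!0-9]*) return 1 ;; esac
    [ "$PROXY_PORT" -ge 1 ] && [ "$PROXY_PORT" -le 65535 ]
}

# NAT-table ruleset in iptables-restore format. Load it with
# "iptables-restore --noflush" so that existing rules are kept.
nat_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i ${LAN_IF} -p tcp --dport 80 -j REDIRECT --to-ports ${PROXY_PORT}
COMMIT
EOF
}

# squid.conf fragment: one ordinary proxy port, one interception port, and
# the directives that drop client-identifying request headers.
squid_conf() {
    cat <<EOF
http_port 3128
http_port ${PROXY_PORT} intercept
forwarded_for delete
via off
request_header_access From deny all
EOF
}

if validate; then
    nat_rules
    squid_conf
else
    echo "invalid LAN_IF or PROXY_PORT" >&2
fi
```

Only packets arriving on the client-facing interface are matched, so squid's own outbound requests from the gateway are not redirected back to itself.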