Hi all, I have a few questions:
1. Redirection: a. I had the following in rules: # # # Redirect all http # REDIRECT:ULOG loc 3128 tcp www - !192.168.0.3 REDIRECT:ULOG loc 3128 tcp 8080 - !192.168.0.3 Which should, if I understand correctly, redirect all local traffic directed to ports 80 & 8080 to port 3128. (On 3128 is Dansgauardian and on 8080 is Squid). Then I found that one could bypass the proxy by just tell the browser to connect directly. b. So I googled around and found the following suggestions: REDIRECT- $FW 3128 tcp 80 - !192.168.0.3 DNAT loc loc:192.168.0.3:3128 tcp www DROP net $FW tcp 8080 DROP net $FW tcp 3128 I test all of them without success. Any suggestions from anyone would be welcomed. 2. QUEUE/Authentication/Accounting. In the documentation I read that some people use it to control p2p. Would it possible to or has anybody tried it for anything else? I have the idea to try to use it to authenticate users. I have two machines which is mostly in XP and intended for my boys to do school work, but they frequently abuse it. Unfortunately we have Internet Capping (please don't laugh!) and it costs money to extend it. So if I can tell who used what and how much I could control it better, the ultimate would be to designate a certain amount of bandwidth to each. Any ideas in this regard? Regards and my each and everyone of you be very prosperous in 2008. Louis. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
