Thanks Rex, yes that is what I'm trying to achieve. -----Original Message----- From: Rex Johnston snip He's probably installed squid on the `drake box. He'll need to configure IPCop so that outward TCP requests on port 80 are only available from the server, blocking the rest of the LAN. This way the rest of the machines are forced to use the proxy.
Cheers, Rex -------------------------- I had a go at this last night. I've found where IPCop recommends adding IPTables commands and got as far as adding this to /etc/rd.d/rc.local: /sbin/iptables -A CUSTOMINPUT -s 198.162.1.3/255.255.255.0 -j DROP I figured that this should drop everything from .3 upwards. However, users still seem able to surf directly through the firewall, but a linux client on 198.162.1.253 cannot ping the IPCop box. Notes: My server is 198.168.1.1 - runs dhcp to provide IPs for client machines. IPCop is 198.162.1.2 - too small to run as proxy server. dhcp seems to tell the network that 198.162.1.2 is the default gateway.
