Claer wrote:
On Wed, Apr 23 2008 at 40:17, Monah Baki wrote:
Hi all,
Hi,
I implemented the following rule and so far I can see that all users are
accessing my proxy server
Tried the following in /etc/inetd.conf
127.0.0.1:5000 stream tcp nowait nobody /usr/bin/nc nc -w \
20 192.168.3.106 8080
rdr on $int_if proto tcp from $int_net to $ext_if port 80 -> \
127.0.0.1 port 5000
But I have one question, my proxy requires authentication before browsing,
how can I have the firewall also authenticate, because if I disable on the
squid proxy authentication, it works. If I enable it, all sites I try to
visit comes up with a page that I need authentication first to use the
proxy.
Using transparent proxying + auth is generally considered a bad idea.
But if you really want to do this, I would suggest using authpf. You
can set up squid to do the proxying without authentication, set up pf
to deny all traffic to the squid instance and set up authpf rules to
allow all authenticated users passage to squid.
http://www.openbsd.org/faq/pf/authpf.html
Hope this helps.
Aaron
