Another way is if you want traffic to go to the proxy server BEFORE going to your OpenBSD/pf box, you can create a proxy automatic configuration file for use in the browser (.pac) which is usually written in java, but would require the browser to be configured with the .pac host/file name. Or instead of a .pac file, have the users do a manual proxy configuration in their browser and point to the host/port the proxy server is listening on.
The other suggestion about redirection would be transparent to the users, though, so may be more desirable, though may be creating extra traffic/demand on the pf box. Cheers, Samantha On Wed, 4 Dec 2002, Todd Chandler wrote: > We are experimenting with OpenBSD and have an issue that we haven't been > able to figure out. We would like to force all outbound http and https > traffic to a proxy server for content filtering before it leaves our > network. How do we configure PF to force all http and https traffic to > go to the proxy server? The proxy server and client machines are > located on the same internal subnet. We simply want http and https > traffic to pass through only after it has been sent through the proxy. > Thanks in advance! > > Todd Chandler > >