"David theobald" <davidtheo@xxxxxxxxx> writes: > I am trying to do the following can anyone help > > I want my wireless network to use the proxy on my sever proxy cashe in > order to access http and ftp however I want them to use user-based > authenentication on the proxy how do I do this I am using squid on the > sever proxy Cashe firewall > > I am trying to do this in IPTABLES can anyone please help > > David You need to separate your thoughts. Your requirements involve different mechanisms and should be handled as such. Iptables alone will not solve your problem. First of all, create iptables rules that only allows traffic to your proxy for the computers on your wireless network. Depending on your infrastructure, you may also need to allow traffic to DNS and e-mail servers, etc. When that works, configure your proxy for user based authentication. Finally, configure the computers on your wireless network to use the proxy. Do not try to introduce transparent proxying, at least not until this basic functionality is in place. Important: Configure iptables to log traffic that is denied, so that you are able to debug when something does not work as expected. Read the netfilter-howto on http://www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO.html and also use http://www.linuxguruz.com/iptables/ for references and good ideas. Good luck! -- Bjørn
