Hi, I have installed a firewall running on linux on summer. In the server firewall, content filtering and proxy are running. P2P and IM programs are also blocked with l7 filter. And there is a rule that sends all http connections to content filtering software. I think this is transparent proxy. :) The rule is as below -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 Anyway, but the users found another gap on the system, now they can connect any web site with free or university proxies. Firstly I found a solution which if I send connections on port of Proxy to content filtering software, the content filtering software can handle this. But there is 65534 ports to forward. :) Then, l7-filter save me one more time. Now I send the connections having destination port other than 80 and protocol http to content filtering software. It is ok until now. But the connections are directly being made with the firewall. (Not connecting to desired proxy). The users on the network want to connect to proxy because they want to research on libraries that can be only accessible via university proxy. I mean I have to send the proxy connections to proxy and the returned data must be filtered via content filtering software. The diagram of this situation is Host --> Firewall --> Content Filtering Software --> Proxy --> Proxy of University --> Http Server --> Proxy of University --> Proxy --> Content Filtering Software --> Firewall --> Host But the system are running as follows (Defining proxy on browser doesn't matter) Host --> Firewall --> Content Filtering Software --> Proxy --> Http Server --> Proxy --> Content Filtering Software --> Firewall --> Host Thanks for your help __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
