From owner-freebsd-questions@FreeBSD.ORG  Fri Jul  6 16:26:42 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id A82AB16A41F
	for <freebsd-questions@freebsd.org>;
	Fri,  6 Jul 2007 16:26:42 +0000 (UTC)
	(envelope-from zbigniew@szalbot.homedns.org)
Received: from szalbot.homedns.org (lists.lc-words.com [83.19.156.210])
	by mx1.freebsd.org (Postfix) with ESMTP id 5F45513C487
	for <freebsd-questions@freebsd.org>;
	Fri,  6 Jul 2007 16:26:42 +0000 (UTC)
	(envelope-from zbigniew@szalbot.homedns.org)
Received: from localhost ([127.0.0.1] helo=szalbot.homedns.org)
	by szalbot.homedns.org with esmtpa (Exim 4.67 (FreeBSD))
	(envelope-from <zbigniew@szalbot.homedns.org>)
	id 1I6qdg-0004Wx-Hz; Fri, 06 Jul 2007 18:26:36 +0200
MIME-Version: 1.0
Date: Fri, 6 Jul 2007 18:26:36 +0200
From: Zbigniew Szalbot <zbigniew@szalbot.homedns.org>
To: Daniel Bye <dan@slightlystrange.org>
In-Reply-To: <468E6BE2.3010203@slightlystrange.org>
References: <468E6BE2.3010203@slightlystrange.org>
Message-ID: <24bb2a0d0d4ebbfb6c86b9cc566e8145@szalbot.homedns.org>
X-Sender: zbigniew@szalbot.homedns.org
User-Agent: RoundCube Webmail/0.1b
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Cc: freebsd-questions@freebsd.org
Subject: Re: parental control with squid and dansguardian
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jul 2007 16:26:42 -0000

Hi Daniel,

On Fri, 06 Jul 2007 17:20:50 +0100, Daniel Bye <dan@slightlystrange.org>
wrote:
> You can use pf's redirection to catch all outbound traffic destined for
> port 80:
> 
>   rdr on $int_if inet proto tcp from $internal_net to !<me> port www ->
> $proxy_host port $proxy_port
> 
> Define the macros appropriately in /etc/pf.conf and you're away.
> 
> <me> is a pf table that contains all the firewall machine's addresses:
> 
>   table <me> persist { self }
> 
> Any packets originating from your internal network, bound for port 80 on
> any host other than the firewall (you may need to fine tune this,
> depending on your needs), are redirected to the designated host/port. No
> need to set up per-client proxies as the firewall handles it
> transparently.

Great! Thank you so much! Now this should really speed me up nd it is
perfect solution as no client configuration is needed and no escaping
possible! Thanks again!

I really appreciate such a helpful community as is here! Hard to find these
days. Thank you!

-- 
Zbigniew Szalbot