Hi,
I have a system set up with 2 NICs - eth0 and eth1. This system is only for use as a proxy and internet filter (eventually).
The proxy works fine if it runs as a normal proxy and I change the settings in each web browser; however, this is not ideal. I would like for the DHCP server to nominate each connecting system a gateway referring to eth0, say 192.168.0.100. That way all outgoing packets will pass through this system.
I figure I need to redirect traffic on port 80 to squid on port 3128, and allow other traffic that squid can’t handle to be passed through.
Outgoing traffic should go out to the internet on eth1 - say 192.168.0.200.
Do I need to bond the two interfaces for the latter to work?
What settings do I need in /etc/sysconfig/SuSEfirewall2 ?
I would set http_access 3128 transparent in /etc/squid/squid.conf
The entries that appear to be critical in SuSEfirewall2 are as follows (not necessarily correct):
FW_DEV_EXT="eth1"
FW_DEV_INT="lo eth0"
FW_ROUTE="no"
FW_MASQUERADE="no"
FW_REDIRECT="192.168.0.0/24,0/0,tcp,80,3128 192.168.0.0/24,0/0,tcp"
When in transparent mode and as the gateway nothing reaches squid (tailing access.log shows nothing new).
This system is a para-virtualised OpenSuSE 11.1.
Couple of extra questions - is it even worth having two NICs? The idea was to only allow 192.168.0.200 (eth1) access to the net so that squid cannot be bypassed and try to separate the traffic (if necessary).
Cheers
Aaron