bridge mode and transparent proxy


dhaid
11-03-2002, 08:23 AM
I have my Star-Os server sitting between my COR and a switch that connects to my backbone router. I have the NICs in a bridge group and have all my CBQ, BWM, and squid set up and working.

I would like to use the firewall script to forward port 80 requests that are not on my network to squid. I don't want to have to configure all the users' browsers.

I tried the following:
forward tcp to 192.168.8.99 8080 from 65.121.95.0/24 to any 80 out via $net.

65.121.95.0/24 is where I put my subnet.

This does not work. I am not sure if it is because I am in bridge mode?

DH.

lonnie
11-03-2002, 09:39 AM
Your forward line is exactly what we use, except for the IP differences. We are not bridged, and we will check this out to see if that is what is doing it.

It worked at one time, so maybe we broke something. We'll let you know and get it fixed.

Just to make sure (sorry but I have to ask), you did save and activate?

dhaid
11-03-2002, 11:06 AM
Yes, I save and activate for every change I make/try. I wait about 30 seconds to ensure the activation is finished.

I changed my forward to:
forward tcp to 192.168.8.99 8080 from 65.121.95.0/24 80 to any 80 out via $net.

This seems to allow me to surf, but it does not seem to be proxied, because I can shut the proxy off and the http traffic still flows. Although this may be normal.

Is there an online tool or something within station server that will tell me if I am going through the proxy?

DH.

lonnie
11-03-2002, 12:33 PM
You know the redirect is working when you disable the proxy and users cannot surf. Right now your rule is messed up. Move it back to the old rule and see if the traffic is at least getting redirected.

I wonder if there is something that is messing up with the fact you are directing public IP to a private IP. natd might just be getting mixed up in the whole process.

Can you assign a public IP to the Proxy? The proxy requires an IP since it actually makes the http request for the user. I don't know how it would react in a bridging situation and having to work with private which means natd is in the mix.

Try and simplify it a bit, and then move one step at a time to the configuration you want. At least then we will have the point in the process that it quits, and then we can try and fix it.

dhaid
11-04-2002, 09:21 AM
Ok.
I reassigned the IPs on my NICs.
I now have only one IP and it is real and applied to the client interface (ether1). This interface plugs directly via a crossover cable into the COR.
The net interface (ether2) plugs into a switch attached to my backbone router.

I am testing the redirect on 1 IP.

I have the following redirect statement:
forward tcp to 65.121.95.7 8080 from 65.121.95.106 to any 80 out via $net.

This fixed it. The host goes through the proxy and browses. When I shut the proxy off the host cannot browse.

Thanks for your help.

DH.
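
A non-disruptive complement to the "stop the proxy and see if browsing breaks" test discussed in the thread, as an added example that is not part of the original posts: squid normally stamps responses with `Via` and `X-Cache` headers, so a response head captured on a client behind the bridge shows whether the redirect took effect. The two sample responses and the host name `proxy.example` are constructed, and the function names are hypothetical.

```python
from email.parser import Parser

# Response headers a caching proxy such as squid adds by default.
PROXY_HEADERS = ("via", "x-cache", "x-cache-lookup")

def parse_headers(raw):
    """Return {lower-case header name: [values]} from a raw HTTP response head."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    _status, _, rest = head.partition("\n")      # drop the status line
    msg = Parser().parsestr(rest, headersonly=True)
    headers = {}
    for name, value in msg.items():
        headers.setdefault(name.lower(), []).append(value.strip())
    return headers

def proxy_evidence(raw):
    """List every header line showing the response passed through a proxy."""
    headers = parse_headers(raw)
    return [f"{name}: {value}"
            for name in PROXY_HEADERS
            for value in headers.get(name, [])]

def names_squid(raw):
    """True when any proxy header identifies squid itself."""
    return any("squid" in line.lower() for line in proxy_evidence(raw))

# Constructed sample: response fetched directly from the origin server.
DIRECT = ("HTTP/1.0 200 OK\r\n"
          "Server: Apache\r\n"
          "Content-Type: text/html\r\n\r\n<html></html>")

# Constructed sample: same request after the forward rule sent it to squid.
PROXIED = ("HTTP/1.0 200 OK\r\n"
           "Server: Apache\r\n"
           "Content-Type: text/html\r\n"
           "X-Cache: MISS from proxy.example\r\n"
           "Via: 1.0 proxy.example:8080 (squid/2.4.STABLE7)\r\n\r\n<html></html>")

if __name__ == "__main__":
    for label, raw in (("direct", DIRECT), ("proxied", PROXIED)):
        found = proxy_evidence(raw)
        print(label, "->", found if found else "no proxy headers")
```

These headers can be suppressed in the proxy's configuration, so their absence does not prove traffic is bypassing squid; the stop-the-proxy test from the thread remains the definitive check.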