I noticed that whenever I put a command into the shell that it doesn’t save during a reboot. I am not very familiar with Linux at all and would greatly appreciate any assistance in making my commands put into the shell get saved during a reboot. Also I am trying to forward proxy requests to a third-party filtering server. The ZeroShell box will be the default gateway on the network (10.150.1.1). I am trying to make it so that when a workstation sends traffic towards the default gateway destined for the internet on port 80 (and possibly 443 but haven’t decided yet) that ZeroShell will forward that traffic to the third-party web filter (in our case the IP address is 10.150.1.3 using port 8080) to be filtered and then sent to the internet. I also want to make sure that servers on the local LAN does not get filtered at all so there would have to be deny rules in place to let their traffic pass through the default gateway like normal. Can all of this be done through the web-based gui or does it have to be done in the shell? I noticed a section in the gui that mentioned prerouting and iptables but i am not familiar with iptable commands at all. I do have Cisco IOS experience, but not familiar with Linux at all. Thanks.
I don’t think you can do it with the web-gui.
It would be better with the CLI and since you have experience with IOS it won’t be that difficult.
The full tutorial for iptables can be found here.
You must add a DNAT rule to match the dport 80 packets (and dport 443 if you want https) of the subnet or IP range that has the computers you want to intercept, that changes the destination IP to 10.150.1.3:8080. Normally if the proxy uses its source IP address on packets then you won’t need to do anything else. If it keeps the original IP address as source you also need to redirect the answers from the wan interface to the proxy server again.