Redirection of http traficc to web-proxy DMZ server

zaterio

Hello
(I wite from Chile, sorry my bad english  :'().. I need to configure a proxy-cache (dansguardian filtering) DMZ server whit the follow net arquithectury:

LANsubnet
                               |
                               |
ModemADSL–---------Router-----------DMZsubnet
                               |
                               |
                            HOTSPOTsubnet

LANsubnet: 192.168.1.0/24
DMZsubnet: 192.168.2.0/24 (192.168.2.2 = web-proxy server)
HOTSPOTsubnet: 192.168.3.0/24 (DHCP-server enabled + captive portal)
ModemADSL: Internet gateway (WAN configurated in  pppoe-client mode)

the goals:
all the http traffic (80/tcp) of the Hotspot users must be redirect to the 3128 port of web-proxy server and is necesary dont loose the captive portal feature

My experience whit this:

1.- In RouterOS mikrotik v. 2.8: dont support the redirection to dst-adress, only works with the apropiatte Nat rule to the dmz server, this produce that the natted http traffic bypass the captive portal (the proxy works)
2.- m0n0wall: idem to mikrotik

In both cases I testting with the captive portal enabled only in hotspot interfaces and the captive portal enabled only in the DMZ interface (the router is configurated to forward all the traffic for the momment), but never the captive portal works when the nated 80/tcp rule to the dmz server are present.

In m0n0wall i dont found information about how captive portal works (maybe works with 8000/tcp redirecction rule..i dont know, the rules are not present in the firewall chains)

Rigth now, i want to test the pfsense distro..perhaps the WAN captive portal feature works.....

where i can find information about the captive portal in pfsense or m0n0?
any suggestion?

thank you in advance

Zaterio
NBU
nodo barrio univeritario
Hagamos una red libre para todos!!!!!!