Shorewall - block outgoing
I'm trying to use a combination of Shorewall/Squid/Privoxy/Tor (all running on the same box) on my network.
REDIRECT loc 80 tcp www
to my Shorewall "rules" file and it's working great - my test PC on my network can surf through Tor transparently (without adding anything to their browser settings).
Now my question is, how do I stop ALL other outgoing traffic from the LAN (e.g. to prevent someone entering their own proxy server in Firefox)?
I've tried adding
DROP loc:10.xx.xx.0/24!10.xx.xx.1/32 net
(where the first is my local subnet and the exclusion is my firewall's IP), however this blocks my Tor setup from working.
Help is appreciated, cheers.