Hi Ray,
The content of 35transproxy file is:
/sbin/iptables --table nat --new-chain TransProxy
/sbin/iptables --table nat --append PREROUTING\
-p tcp --dport 80 -j TransProxy
#Rerouting ports 80 443 to port 8080
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080
#Blocking port 3128
/sbin/iptables -A INPUT -p tcp --destination-port 3128 -i eth0 -j DROP
/sbin/iptables -A INPUT -p udp --destination-port 3128 -i eth0 -j DROP
/sbin/iptables --table nat --append TransProxy \
--destination 127.0.0.1 --jump ACCEPT
/sbin/iptables --table nat --append TransProxy \
--destination 192.168.0.1 --jump ACCEPT
/sbin/iptables --table nat --append TransProxy \
--destination $OUTERNET --jump ACCEPT
/sbin/iptables --table nat --append TransProxy\
-p TCP -j DNAT --to 192.168.0.1:8080
and nothing else, but it only works on SME 6.0.1 and earlier SME servers that use iptables.
I recently tried it on SME 7, with no luck, I'll spend the weekend working out why it didn't and get back to you with updated code for 7.
But in the mean time, on SME 6.0.1 it will block all access to ports 80, 443 and 3128, so people will be forced to use port 8080.
You should also know that the rerouting doesn't seem to work that well, if someone is trying to access a https websites, or microsoft updates, they won't be able to unless they are using port 8080 as the proxy server.
cheers