Forward from port 80 to my proxy server wont workIptables port forwardUbuntu 9.10 and Squid 2.7 Transparent Proxy TCP_DENIEDiptables port forward forwardingAllow traffic on one port from one IP address with iptablesssh connection refused with out iptables rullesIptables port forwarding for specific host dd-wrt/tomatoVPN client blocked through squid serverTwo transparent gateway using squid return 403HTTPS Content Filtering without de-crypting traffic using squid?iptables port forwarding to server with different port
How many wives did king shaul have
How exploitable/balanced is this homebrew spell: Spell Permanency?
Does int main() need a declaration on C++?
OP Amp not amplifying audio signal
What is the most common color to indicate the input-field is disabled?
In Bayesian inference, why are some terms dropped from the posterior predictive?
Is this answer explanation correct?
How seriously should I take size and weight limits of hand luggage?
Avoiding the "not like other girls" trope?
files created then deleted at every second in tmp directory
How badly should I try to prevent a user from XSSing themselves?
Is this draw by repetition?
Processor speed limited at 0.4 Ghz
How can saying a song's name be a copyright violation?
Is it inappropriate for a student to attend their mentor's dissertation defense?
Was the Stack Exchange "Happy April Fools" page fitting with the '90's code?
How does a dynamic QR code work?
Ambiguity in the definition of entropy
Placement of More Information/Help Icon button for Radio Buttons
Why was the shrink from 8″ made only to 5.25″ and not smaller (4″ or less)
Why is it a bad idea to hire a hitman to eliminate most corrupt politicians?
How to stretch the corners of this image so that it looks like a perfect rectangle?
My ex-girlfriend uses my Apple ID to log in to her iPad. Do I have to give her my Apple ID password to reset it?
How do conventional missiles fly?
Forward from port 80 to my proxy server wont work
Iptables port forwardUbuntu 9.10 and Squid 2.7 Transparent Proxy TCP_DENIEDiptables port forward forwardingAllow traffic on one port from one IP address with iptablesssh connection refused with out iptables rullesIptables port forwarding for specific host dd-wrt/tomatoVPN client blocked through squid serverTwo transparent gateway using squid return 403HTTPS Content Filtering without de-crypting traffic using squid?iptables port forwarding to server with different port
I have a raspberry configured as a little server for doing some networking training, this is my current system version
Linux raspberrypi 4.14.98-v7+ #1200 SMP Tue Feb 12 20:27:48 GMT 2019 armv7l GNU/Linux. Currently, my raspberry has a usb wirelss adapter for connecting to the internet (wlan0) and the lan port is plugged to another PC which goes out to the internet from the wireless interface.
Now i want to set up a proxy, i have already installed squid and run it with some simple configurations. Below my current squid.conf without comments:
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl mynetwork src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow mynetwork
http_access deny all
http_port 3128
http_port 3129 intercept
cache_dir ufs /var/spool/squid 500 16 256
refresh_pattern -i .(gif|png|jpeg|ico)$ 3600 90% 43200
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
Firstly, i want to make it as transparent proxy without configuring every browser settings, but after reading a lot of tutorial which explains how to redirect from a port to anothe, no one of them did not work because the proxy does not log the activity of the PC in the access.log file.
My nat tables:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3129
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
My filter table:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
In conclusion, i missed some configurations? Or this iptable rules are wrong for my purpose?
linux iptables proxy squid port-forwarding
asked yesterday
Leonardo BassiLeonardo Bassi
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
|
show 1 more comment
I have a raspberry configured as a little server for doing some networking training, this is my current system version
Linux raspberrypi 4.14.98-v7+ #1200 SMP Tue Feb 12 20:27:48 GMT 2019 armv7l GNU/Linux. Currently, my raspberry has a usb wirelss adapter for connecting to the internet (wlan0) and the lan port is plugged to another PC which goes out to the internet from the wireless interface.
Now i want to set up a proxy, i have already installed squid and run it with some simple configurations. Below my current squid.conf without comments:
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl mynetwork src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow mynetwork
http_access deny all
http_port 3128
http_port 3129 intercept
cache_dir ufs /var/spool/squid 500 16 256
refresh_pattern -i .(gif|png|jpeg|ico)$ 3600 90% 43200
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
Firstly, i want to make it as transparent proxy without configuring every browser settings, but after reading a lot of tutorial which explains how to redirect from a port to anothe, no one of them did not work because the proxy does not log the activity of the PC in the access.log file.
My nat tables:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3129
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
My filter table:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
In conclusion, i missed some configurations? Or this iptable rules are wrong for my purpose?
linux iptables proxy squid port-forwarding
asked yesterday
Leonardo BassiLeonardo Bassi
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
A transparent proxy is one which systems in your network can (and will) use WITHOUT explicitly confirming a proxy server in the OS or web browser. One half of the equation is configuring the proxy server itself to work in a transparent mode, the other half is configuring your network, in SOHO networks typically on the gateway router, to intercept web traffic from your systems and to force it through the proxy server. Your question seems to indicate that you've only tried to solve half the equation haven't done any such network configuration to make the second part of the equation work.
– HBruijn
yesterday
@HBruijn I said "without configuring every browser settings", anyway can you be more clear about "network configuration" part?
– Leonardo Bassi
yesterday
You need a way to ensure that when your webbrowser send a web request to serverfault.com port 80 it does not go to the ServerFault webserver but instead to the system where your transparent proxy lives. wiki.squid-cache.org/ConfigExamples/Intercept lists network configuration examples for a number of different device types
– HBruijn
yesterday
@HBruijn i followed the guide which you provide, in particular "Traffic Interception by Policy Routing" using Iptables. But when i run tail for having the access.log file and at the same time i open a new tab on my browser, the proxy doesn't log the activity, because in the access.log doesn't appear any new entry
– Leonardo Bassi
yesterday
Here is another policy based routing tutorial to route traffic from your gateway (rpi) to additional proxy box installed within your network - docs.diladele.com/tutorials/policy_based_routing_squid/…. From your description though it seems you need to run the squid on rpi? If so you'd need to setup local redirect iptables rules as explained in docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
– Rafael
yesterday
|
show 1 more comment
I have a raspberry configured as a little server for doing some networking training, this is my current system version
Linux raspberrypi 4.14.98-v7+ #1200 SMP Tue Feb 12 20:27:48 GMT 2019 armv7l GNU/Linux. Currently, my raspberry has a usb wirelss adapter for connecting to the internet (wlan0) and the lan port is plugged to another PC which goes out to the internet from the wireless interface.
Now i want to set up a proxy, i have already installed squid and run it with some simple configurations. Below my current squid.conf without comments:
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl mynetwork src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow mynetwork
http_access deny all
http_port 3128
http_port 3129 intercept
cache_dir ufs /var/spool/squid 500 16 256
refresh_pattern -i .(gif|png|jpeg|ico)$ 3600 90% 43200
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
Firstly, i want to make it as transparent proxy without configuring every browser settings, but after reading a lot of tutorial which explains how to redirect from a port to anothe, no one of them did not work because the proxy does not log the activity of the PC in the access.log file.
My nat tables:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3129
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
My filter table:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
In conclusion, i missed some configurations? Or this iptable rules are wrong for my purpose?
linux iptables proxy squid port-forwarding
asked yesterday
Leonardo BassiLeonardo Bassi
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I have a raspberry configured as a little server for doing some networking training, this is my current system version
Linux raspberrypi 4.14.98-v7+ #1200 SMP Tue Feb 12 20:27:48 GMT 2019 armv7l GNU/Linux. Currently, my raspberry has a usb wirelss adapter for connecting to the internet (wlan0) and the lan port is plugged to another PC which goes out to the internet from the wireless interface.
Now i want to set up a proxy, i have already installed squid and run it with some simple configurations. Below my current squid.conf without comments:
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl mynetwork src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow mynetwork
http_access deny all
http_port 3128
http_port 3129 intercept
cache_dir ufs /var/spool/squid 500 16 256
refresh_pattern -i .(gif|png|jpeg|ico)$ 3600 90% 43200
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|?) 0 0% 0
refresh_pattern . 0 20% 4320
Firstly, i want to make it as transparent proxy without configuring every browser settings, but after reading a lot of tutorial which explains how to redirect from a port to anothe, no one of them did not work because the proxy does not log the activity of the PC in the access.log file.
My nat tables:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3129
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- anywhere anywhere
My filter table:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
In conclusion, i missed some configurations? Or this iptable rules are wrong for my purpose?
linux iptables proxy squid port-forwarding
linux iptables proxy squid port-forwarding
asked yesterday
Leonardo BassiLeonardo Bassi
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked yesterday
Leonardo BassiLeonardo Bassi
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked yesterday
Leonardo BassiLeonardo Bassi
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked yesterday
Leonardo BassiLeonardo Bassi
12
asked yesterday
Leonardo BassiLeonardo Bassi
12
12
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Leonardo Bassi is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
A transparent proxy is one which systems in your network can (and will) use WITHOUT explicitly confirming a proxy server in the OS or web browser. One half of the equation is configuring the proxy server itself to work in a transparent mode, the other half is configuring your network, in SOHO networks typically on the gateway router, to intercept web traffic from your systems and to force it through the proxy server. Your question seems to indicate that you've only tried to solve half the equation haven't done any such network configuration to make the second part of the equation work.
– HBruijn
yesterday
@HBruijn I said "without configuring every browser settings", anyway can you be more clear about "network configuration" part?
– Leonardo Bassi
yesterday
You need a way to ensure that when your webbrowser send a web request to serverfault.com port 80 it does not go to the ServerFault webserver but instead to the system where your transparent proxy lives. wiki.squid-cache.org/ConfigExamples/Intercept lists network configuration examples for a number of different device types
– HBruijn
yesterday
@HBruijn i followed the guide which you provide, in particular "Traffic Interception by Policy Routing" using Iptables. But when i run tail for having the access.log file and at the same time i open a new tab on my browser, the proxy doesn't log the activity, because in the access.log doesn't appear any new entry
– Leonardo Bassi
yesterday
Here is another policy based routing tutorial to route traffic from your gateway (rpi) to additional proxy box installed within your network - docs.diladele.com/tutorials/policy_based_routing_squid/…. From your description though it seems you need to run the squid on rpi? If so you'd need to setup local redirect iptables rules as explained in docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
– Rafael
yesterday
|
show 1 more comment
A transparent proxy is one which systems in your network can (and will) use WITHOUT explicitly confirming a proxy server in the OS or web browser. One half of the equation is configuring the proxy server itself to work in a transparent mode, the other half is configuring your network, in SOHO networks typically on the gateway router, to intercept web traffic from your systems and to force it through the proxy server. Your question seems to indicate that you've only tried to solve half the equation haven't done any such network configuration to make the second part of the equation work.
– HBruijn
yesterday
@HBruijn I said "without configuring every browser settings", anyway can you be more clear about "network configuration" part?
– Leonardo Bassi
yesterday
You need a way to ensure that when your webbrowser send a web request to serverfault.com port 80 it does not go to the ServerFault webserver but instead to the system where your transparent proxy lives. wiki.squid-cache.org/ConfigExamples/Intercept lists network configuration examples for a number of different device types
– HBruijn
yesterday
@HBruijn i followed the guide which you provide, in particular "Traffic Interception by Policy Routing" using Iptables. But when i run tail for having the access.log file and at the same time i open a new tab on my browser, the proxy doesn't log the activity, because in the access.log doesn't appear any new entry
– Leonardo Bassi
yesterday
Here is another policy based routing tutorial to route traffic from your gateway (rpi) to additional proxy box installed within your network - docs.diladele.com/tutorials/policy_based_routing_squid/…. From your description though it seems you need to run the squid on rpi? If so you'd need to setup local redirect iptables rules as explained in docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
– Rafael
yesterday
A transparent proxy is one which systems in your network can (and will) use WITHOUT explicitly confirming a proxy server in the OS or web browser. One half of the equation is configuring the proxy server itself to work in a transparent mode, the other half is configuring your network, in SOHO networks typically on the gateway router, to intercept web traffic from your systems and to force it through the proxy server. Your question seems to indicate that you've only tried to solve half the equation haven't done any such network configuration to make the second part of the equation work.
– HBruijn
yesterday
A transparent proxy is one which systems in your network can (and will) use WITHOUT explicitly confirming a proxy server in the OS or web browser. One half of the equation is configuring the proxy server itself to work in a transparent mode, the other half is configuring your network, in SOHO networks typically on the gateway router, to intercept web traffic from your systems and to force it through the proxy server. Your question seems to indicate that you've only tried to solve half the equation haven't done any such network configuration to make the second part of the equation work.
– HBruijn
yesterday
@HBruijn I said "without configuring every browser settings", anyway can you be more clear about "network configuration" part?
– Leonardo Bassi
yesterday
@HBruijn I said "without configuring every browser settings", anyway can you be more clear about "network configuration" part?
– Leonardo Bassi
yesterday
You need a way to ensure that when your webbrowser send a web request to serverfault.com port 80 it does not go to the ServerFault webserver but instead to the system where your transparent proxy lives. wiki.squid-cache.org/ConfigExamples/Intercept lists network configuration examples for a number of different device types
– HBruijn
yesterday
You need a way to ensure that when your webbrowser send a web request to serverfault.com port 80 it does not go to the ServerFault webserver but instead to the system where your transparent proxy lives. wiki.squid-cache.org/ConfigExamples/Intercept lists network configuration examples for a number of different device types
– HBruijn
yesterday
@HBruijn i followed the guide which you provide, in particular "Traffic Interception by Policy Routing" using Iptables. But when i run tail for having the access.log file and at the same time i open a new tab on my browser, the proxy doesn't log the activity, because in the access.log doesn't appear any new entry
– Leonardo Bassi
yesterday
@HBruijn i followed the guide which you provide, in particular "Traffic Interception by Policy Routing" using Iptables. But when i run tail for having the access.log file and at the same time i open a new tab on my browser, the proxy doesn't log the activity, because in the access.log doesn't appear any new entry
– Leonardo Bassi
yesterday
Here is another policy based routing tutorial to route traffic from your gateway (rpi) to additional proxy box installed within your network - docs.diladele.com/tutorials/policy_based_routing_squid/…. From your description though it seems you need to run the squid on rpi? If so you'd need to setup local redirect iptables rules as explained in docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
– Rafael
yesterday
Here is another policy based routing tutorial to route traffic from your gateway (rpi) to additional proxy box installed within your network - docs.diladele.com/tutorials/policy_based_routing_squid/…. From your description though it seems you need to run the squid on rpi? If so you'd need to setup local redirect iptables rules as explained in docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
– Rafael
yesterday
|
show 1 more comment
0
active
oldest
votes
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Leonardo Bassi is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f960910%2fforward-from-port-80-to-my-proxy-server-wont-work%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Leonardo Bassi is a new contributor. Be nice, and check out our Code of Conduct.
Leonardo Bassi is a new contributor. Be nice, and check out our Code of Conduct.
Leonardo Bassi is a new contributor. Be nice, and check out our Code of Conduct.
Leonardo Bassi is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f960910%2fforward-from-port-80-to-my-proxy-server-wont-work%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
A transparent proxy is one which systems in your network can (and will) use WITHOUT explicitly confirming a proxy server in the OS or web browser. One half of the equation is configuring the proxy server itself to work in a transparent mode, the other half is configuring your network, in SOHO networks typically on the gateway router, to intercept web traffic from your systems and to force it through the proxy server. Your question seems to indicate that you've only tried to solve half the equation haven't done any such network configuration to make the second part of the equation work.
– HBruijn
yesterday
@HBruijn I said "without configuring every browser settings", anyway can you be more clear about "network configuration" part?
– Leonardo Bassi
yesterday
You need a way to ensure that when your webbrowser send a web request to serverfault.com port 80 it does not go to the ServerFault webserver but instead to the system where your transparent proxy lives. wiki.squid-cache.org/ConfigExamples/Intercept lists network configuration examples for a number of different device types
– HBruijn
yesterday
@HBruijn i followed the guide which you provide, in particular "Traffic Interception by Policy Routing" using Iptables. But when i run tail for having the access.log file and at the same time i open a new tab on my browser, the proxy doesn't log the activity, because in the access.log doesn't appear any new entry
– Leonardo Bassi
yesterday
Here is another policy based routing tutorial to route traffic from your gateway (rpi) to additional proxy box installed within your network - docs.diladele.com/tutorials/policy_based_routing_squid/…. From your description though it seems you need to run the squid on rpi? If so you'd need to setup local redirect iptables rules as explained in docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
– Rafael
yesterday