Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Gentoo>
  3. User
transparent proxy/iptables question
afraser at w3internet
Sep 23, 2004, 9:30 AM
Post #1 of 3 (725 views)
Permalink
Hi list,

I was following these instructions for a transparent proxy/router box:
http://en.tldp.org/HOWTO/TransparentProxy.html

There is one more thing I want to do that wasn't covered. The guide
gives this command and the magic to "transparently" re-route all traffic
coming in on eth0 destined for port 80 to the local proxy:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128

How can I do the same for traffic that originates on the local host? I
tried the same command without "-i eth0" but that seems to have had no
effect.

More concisely: I have the web browser and the proxy running on the same
machine. I want to tell Linux to redirect the browsers traffic (*:80)
to localhost:3128.


TIA,

-- Arran


--
gentoo-user@gentoo.org mailing list
Re: transparent proxy/iptables question [ In reply to ]
andres.moore at gmail
Sep 23, 2004, 11:46 AM
Post #2 of 3 (736 views)
Permalink
export http_proxy="http://ip_of_the_local_machine:3128"

if you want to do in a Web Browser, just go to preferences and
connection settings.


andres



On Thu, 23 Sep 2004 13:30:29 -0300, Arran Fraser <afraser@w3internet.com> wrote:
>
> Hi list,
>
> I was following these instructions for a transparent proxy/router box:
> http://en.tldp.org/HOWTO/TransparentProxy.html
>
> There is one more thing I want to do that wasn't covered. The guide
> gives this command and the magic to "transparently" re-route all traffic
> coming in on eth0 destined for port 80 to the local proxy:
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
>
> How can I do the same for traffic that originates on the local host? I
> tried the same command without "-i eth0" but that seems to have had no
> effect.
>
> More concisely: I have the web browser and the proxy running on the same
> machine. I want to tell Linux to redirect the browsers traffic (*:80)
> to localhost:3128.
>
> TIA,
>
> -- Arran
>
> --
> gentoo-user@gentoo.org mailing list
>
>



--
---

When we are young
Wandering the face of the Earth
Wondering what our dreams might be worth
Learning that we're only immortal
For a limited time

Neil Peart - Dreamline

--
gentoo-user@gentoo.org mailing list
Re: transparent proxy/iptables question [ In reply to ]
andfarm at teknovis
Sep 23, 2004, 12:56 PM
Post #3 of 3 (722 views)
Permalink
On 23 Sep 2004, at 09:30, Arran Fraser wrote:
> There is one more thing I want to do that wasn't covered. The guide
> gives this command and the magic to "transparently" re-route all
> traffic
> coming in on eth0 destined for port 80 to the local proxy:
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
>
> How can I do the same for traffic that originates on the local host? I
> tried the same command without "-i eth0" but that seems to have had no
> effect.

There's also a kernel option to enable NAT on locally originated
connections.

Be sure you understand the implications of doing this *before* you
compile it in.

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal