Re: How to redirect browsers with static proxy settings in iptables?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



How does one know if a given packet is destined for a proxy server or not? Is there something in the packet that I can look for that tells me this? I know there's the port, but HTTP traffic also uses port 80. The reason I ask is because the proxy address sometimes changes.

Thanks

Todd

>From: Askar Ali Khan <askarali@xxxxxxxxx>
>To: Todd Landfried <tlandfried@xxxxxxxxxxx>
>Subject: Re: How to redirect browsers with static proxy settings in iptables?
>Date: Fri, 23 Jul 2004 14:58:47 +0500
>
>Hi Todd
>
>you only need these rules for transparent proxy
>
>## Enable forwarding
>echo 1 > /proc/sys/net/ipv4/ip_forward
>
>## Enable MASUERADE for router
>iptables --table nat --append POSTROUTING -s 192.168.0.0/24
>--out-interface eth0 -j MASQUERADE
>
>## Enable Transparent proxy using squid port
>iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT
>--to-port 3128
>
>change port 3128 if you are running squid on some other ports such as 8080
>
>Regards
>Askar
>On Thu, 22 Jul 2004 14:48:52 -0700, Todd Landfried
><tlandfried@xxxxxxxxxxx> wrote:
> > I'm new to this firewall stuff, so any assistance would be greatly
> > appreciated. I've RTFM as much as I can, but nothing seems to fit this
> > situation exactly. Maybe I'm not asking the questions correctly in Google.
> >
> > I have a Linux 7.3 (2.4.20-28) server with two NICs. One is eth0 and
> > connects to the router. The other is eth1 and connects to the switch that
> > connect the computers in the house. We have a couple of laptops that have to
> > have static proxy settings in the browser for work, but it's a royal pain to
> > have to go and unclick the "use proxy" settings all the time. I'm being
> > pressured to find a solution--if you know what I mean.
> >
> > Let's say the proxy settings are:
> >
> > IP: 68.152.65.65
> > Port: 80
> >
> > Let's say the internal network is 10.1.0.x. I've also installed squid
> > (2.4.stable6) and I think I have that correct, but it's not working. I may
> > be missing some component, but I'm not sure.
> >
> > How do I create a rule that will route the browser traffic through the linux
> > box without having to uncheck the silly checkbox everytime she comes home?
> >
> > Any solution or guidance would be appreciated.
> >
> > Thnks
> >
> > Todd
> >
> > _________________________________________________________________
> > Overwhelmed by debt? Find out how to 'Dig Yourself Out of Debt' from MSN
> > Money. http://special.msn.com/money/0407debt.armx
> >
> >


_________________________________________________________________
Don?t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux