Transparent Proxy
-
- Battalion Quarter Master Havaldaar
- Posts: 207
- Joined: Sat Aug 09, 2003 5:00 pm
- Location: Karachi
- Contact:
Transparent Proxy
I am using Linux RH 9 with Squid 2.5.
I am facing problem in transparent proxy, I also check previous posted answer on this link http://www.linuxpakistan.net/forum2x/vi ... ransparent
and did as describe in that topic, but problem is still same.
I have alreay done this transparent proxy in Linux 7.3 with Squid 2.4 and its working fine but not in RH 9 with Squid 2.5.
I did this thing in squid.
* httpd_accel_host virtual
* httpd_accel_port 80
* httpd_accel_with_proxy on httpd_accel_uses_host_header on
with iptables
echo > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j LOG --log-prefix "Transparent Proxy Done : "
I also log all transparent request in /var/log/messages file but not entry appear there. it means it is not squid problem because request is not going to NAT table. May be I am doing mistake to log. please help me.
I am facing problem in transparent proxy, I also check previous posted answer on this link http://www.linuxpakistan.net/forum2x/vi ... ransparent
and did as describe in that topic, but problem is still same.
I have alreay done this transparent proxy in Linux 7.3 with Squid 2.4 and its working fine but not in RH 9 with Squid 2.5.
I did this thing in squid.
* httpd_accel_host virtual
* httpd_accel_port 80
* httpd_accel_with_proxy on httpd_accel_uses_host_header on
with iptables
echo > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j LOG --log-prefix "Transparent Proxy Done : "
I also log all transparent request in /var/log/messages file but not entry appear there. it means it is not squid problem because request is not going to NAT table. May be I am doing mistake to log. please help me.
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear
Salam,
echo "1" > /proc/sys/net/ipv4/ip_forward
Best Regards.
Salam,
I think you forgot some thingecho > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j LOG --log-prefix "Transparent Proxy Done : "
echo "1" > /proc/sys/net/ipv4/ip_forward
Best Regards.
Farrukh Ahmed
-
- Battalion Quarter Master Havaldaar
- Posts: 207
- Joined: Sat Aug 09, 2003 5:00 pm
- Location: Karachi
- Contact:
Transparent Proxy
no Sir,
it was typing mistake, I put this in my script
echo 1 > /proc/sys/net/ipv4/ip_forward
but not working.
it was typing mistake, I put this in my script
echo 1 > /proc/sys/net/ipv4/ip_forward
but not working.
-
- Battalion Quarter Master Havaldaar
- Posts: 221
- Joined: Wed Aug 07, 2002 3:02 pm
- Location: Rawalpindi
Try this
Assalam-O-Alaekum!
Try auto-configuring clients using DHCP or at least set the gateway IP to the proxy server. If all this fails, you can try IPCop which does all of this. Its really small and easy to setup. Once done, you can check the configuration of the IPCop system and tele it with your existing one to find out what you are missing.
Try auto-configuring clients using DHCP or at least set the gateway IP to the proxy server. If all this fails, you can try IPCop which does all of this. Its really small and easy to setup. Once done, you can check the configuration of the IPCop system and tele it with your existing one to find out what you are missing.
a10n3 s7r1k3r
-
- Battalion Quarter Master Havaldaar
- Posts: 207
- Joined: Sat Aug 09, 2003 5:00 pm
- Location: Karachi
- Contact:
Transparent Proxy
I am also using DHCP for auto assign IP, Gateway, DNS of my Server to clients. this also setup was working fine in 7.3 but not in 9, I also try this in RH ES 2.1 and working fine.
-
- Battalion Quarter Master Havaldaar
- Posts: 221
- Joined: Wed Aug 07, 2002 3:02 pm
- Location: Rawalpindi
Check for firewall.
First check if iptables (firewall) is running
service iptables status
if it is then its rules might be giving you problems. Try turning it off.
service iptables stop
service iptables status
if it is then its rules might be giving you problems. Try turning it off.
service iptables stop
a10n3 s7r1k3r
-
- Battalion Quarter Master Havaldaar
- Posts: 207
- Joined: Sat Aug 09, 2003 5:00 pm
- Location: Karachi
- Contact:
Transparent Proxy
first I stop the firewall and put manaul proxy on IE, then SQUID is running but when I remove manaul proxy and put firewall rule on linux it does not work.
#------ for transparent proxy
service iptables stop
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
I also stop this service and for checking log either NAT is working or not I put this rule.
service iptables stop
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j LOG --log-prefix "checking transparent : "
but no log show in /var/log/messages
please help me.
#------ for transparent proxy
service iptables stop
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
I also stop this service and for checking log either NAT is working or not I put this rule.
service iptables stop
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j LOG --log-prefix "checking transparent : "
but no log show in /var/log/messages
please help me.
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear shakirz1,
Salam,
I don't know why you stop iptables service.. and still you want to do IP NATing. Please Start your IPtabels Service.
# service iptables start
and also check the below link.
http://iptables-tutorial.frozentux.net/ ... orial.html
Best Regards.
Salam,
service iptables stop
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
I don't know why you stop iptables service.. and still you want to do IP NATing. Please Start your IPtabels Service.
# service iptables start
and also check the below link.
http://iptables-tutorial.frozentux.net/ ... orial.html
Best Regards.
Farrukh Ahmed
-
- Battalion Quarter Master Havaldaar
- Posts: 207
- Joined: Sat Aug 09, 2003 5:00 pm
- Location: Karachi
- Contact:
Transparent Proxy
becuase s7r1k3r told me to stop firewall script so I stop iptables script and then run transparent proxy script after that this script did not work, then I try to NAT packets to log.
-
- Lieutenant Colonel
- Posts: 660
- Joined: Sat Jul 06, 2002 12:35 pm
- Location: Islamabad
- Contact:
i have installed linux 8.0 wid Squid/2.4.STABLE7 and internet is connected on Radio 128
my clients are connected through eth1 192.168.0.1 and eth0 on Radio
my rc.local
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
echo 1 > /proc/sys/net/ipv4/ip_forward
but den also it's not working i hv also tried wid masquerade
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
it was working fine before but somehow my system crashed and now it's not working dnno why...
any comments???
Regards
tAh|R Sarbazi
my clients are connected through eth1 192.168.0.1 and eth0 on Radio
my rc.local
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
echo 1 > /proc/sys/net/ipv4/ip_forward
but den also it's not working i hv also tried wid masquerade
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
it was working fine before but somehow my system crashed and now it's not working dnno why...
any comments???
Regards
tAh|R Sarbazi
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear sarbazix,
Salam,
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
http://en.tldp.org/HOWTO/TransparentProxy.html
Best Regards.
Salam,
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
http://en.tldp.org/HOWTO/TransparentProxy.html
Best Regards.
Farrukh Ahmed