[Firewall] Arno's support for transparent proxy

Anibal F. Martinez Cortina zeuz_netraptor at hotmail.com
Fri Aug 13 21:53:35 CEST 2010

Hey all, before diving into writing custom rules, I need to know if this feature has already been implemented.
I've got 2 class C networks, which are connected to eth1, and my uplink is at eth0.
We've been assigned a proxy from IT that's not inside our network, and I'd like to make it transparent to anyone connecting to the wireless network (Wireless AP connected to eth1 through 10/100 LAN).
I've tried using the features on arno-iptables-firewall, but it'd only allow me to do this if the proxy was local.
Since I don't want to install squid to then make it rely on an external one, is there anything I missed out in firewall.conf?
I've tried adding:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to XXX.XXX.XXX.XXX:8080
But apparently some rule before it is taking effect and the redirection never really takes place.
Sorry if I'm not clear enough, English is not my main language.
Thanks in advance.
