[Firewall] Arno's support for transparent proxy

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Wed Aug 25 13:38:03 CEST 2010


Did you also look at the transparent proxy plugin? I think it should be 
capable of doing such a task. If not we should modify it, so it will...

a.

On 8/13/2010 21:53, Anibal F. Martinez Cortina wrote:
> Hey all, before diving into writting custom rules, I need to know if
> this feature has allready been implemented.
> I've got 2 class C network, 192.168.1.0/24 and 192.168.2.0/24.
> 192.168.1.0/24 is connected to eth1, and my uplink is at eth0.
> We've been assigned a proxy from IT that's not inside our network, and
> I'd like to make it transparent to anyone connecting to the wireless
> network (Wireless AP connected to eth1 through 10/100 LAN).
> I've tried using the features on arno-iptables-firewall, but it'd only
> allow me to do this if the proxy was local.
> Since I don't want to install squid to then make it rely on an external
> one, is there anything I missed out in firewall.conf?
> I've tried adding:
> |iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
> XXX.XXX.XXX.XXX:8080
> |But apparently some rule before it is taking effect and the redirection
> never really takes place.
> Sorry if I'm not clear enough, english is not my main languaje.
> Thanks in advice.
>
>
>
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list