[squid-users] Setting up a transparent http and https proxy server using squid 4.6
Amos Jeffries
squid3 at treenet.co.nz
Fri Jan 1 03:58:06 UTC 2021
On 31/12/20 10:14 pm, Antony Stone wrote:
> On Thursday 31 December 2020 at 10:10:11, jean francois hasson wrote:
>
>> If I set up on a device connected to the access point a proxy manually
>> ie 10.3.141.1 on port 8080, I can access the internet. If I put the
>> following rules for iptables to use in files rules.v4 :
>>
>> *nat
>> -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination
>> 10.3.141.1:3128
>> -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
>> -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination
>> 10.3.141.1:3129
>> -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
>> -A POSTROUTING -s 10.3.141.0/24 -o eth0 -j MASQUERADE
>
> Try removing the DNAT rules above. You should be using REDIRECT for intercept
> mode to work correctly.
>
Also missing half the iptables rules needed. See the official How-To
documentation at
<https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect>
Amos
More information about the squid-users
mailing list