[PLUG] Dynamic IP and transparent proxy...
michael at robinson-west.com
michael at robinson-west.com
Mon Jan 6 23:14:48 UTC 2020
January 6, 2020 4:48 PM, "Mike C." <mconnors1 at gmail.com> wrote:
>> I've implemented the following command:
>>> iptables -t nat -A PREROUTING -i eth0 -s 192.168.254.0/24 --dport 80 -j
>>> REDIRECT --to-port 3128
>>
>> I can use the proxy by explicitly setting it in firefox, but the
>> transparent feature is a no go.
>
> You want to use "tproxy" instead of "redirect" because "redirect" modifies
> the destination address of the packet. Which is probably why it doesn't
> work for you.
>
> e.g.
>
> # iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY \
>
> --tproxy-mark 0x1/0x1 --on-port 50080
>
> More info here -
> https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tree/Documentation/networking/tp
> oxy.txt
> _______________________________________________
> PLUG mailing list
> PLUG at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
I've added the TPROXY rule to the mangle table, but I think I have to do something else...
I am still having to explicitly set a proxy to get out, maybe I'm not marking packets or maybe I need to policy route?
More information about the PLUG
mailing list