Transparent Remote Proxy Server
ms419 at freezone.co.uk
Mon Sep 27 20:25:28 CEST 2004
On Sep 24, 2004, at 12:01 PM, Aleksandar Milivojevic wrote:
> ms419 at freezone.co.uk wrote:
>> I'm setting up a transparent proxy to a remote proxy server & can't
>> figure out why it doesn't work.
>> My gateway is tor; it's running Debian unstable, iptables 1.2.11-2, &
>> a custom 2.4.27 kernel. My proxy server is wum; it's also running
>> Debian unstable, squid 2.5.6-8, iptables 1.2.11-2, & a custom 2.6.7
>> kernel.
>> Physically, tor is connected by each of 3 NICs to an ADSL modem, to
>> wum by a crossover cable, & to the rest of the network by a hub.
>> Logically, tor & wum are in 192.168.103.0/24; tor & the rest of the
>> network are in 192.168.179.0/24.
>
> Haven't done something like that myself, but wouldn't it be much
> simpler to implement it like this (using filter table for filtering,
> and nat table for NATing, as they were intended to be used):

Thank you sincerely for your suggestion! You are correct: It is simpler
to use DNAT & MASQUERADE. I tried it & it works. But now, I am trying
to avoid using NAT.

The problem with NAT (as I understand it) is it rewrites the
destination address, which breaks HTTP/1.0 requests without a Host:
header. By using policy routing, I hope to route traffic through wum
without rewriting the destination address.

I'm using as my guide the Transparent Proxy HOWTO by Daniel Kiracofe.
I'm still not sure what is wrong - thank you very much for any help!

Jack
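
The following sketch is an added example, not part of the original message or of squid. It shows how an intercepting proxy has to work out the origin server for a request, and why a destination address rewritten by DNAT leaves an HTTP/1.0 request without a Host: header unresolvable while a preserved destination (policy routing) does not. The function name, the address assumed for wum and the sample requests are all constructed for illustration.

```python
from typing import Optional

# Constructed values: an assumed address for wum inside 192.168.103.0/24
# and a documentation-range address standing in for the real web server.
PROXY_ADDR = "192.168.103.2"
ORIGIN_ADDR = "203.0.113.10"

# Constructed sample requests as they would arrive on the proxy's socket.
HTTP10_NO_HOST = b"GET /index.html HTTP/1.0\r\n\r\n"
HTTP11_WITH_HOST = b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n"


def origin_url(raw_request: bytes, dst_ip: str, dst_port: int = 80) -> Optional[str]:
    """Rebuild the absolute URL an intercepting proxy must fetch.

    dst_ip/dst_port are the destination of the packet as the proxy sees it.
    Returns None when the origin server cannot be determined.
    """
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split()
    if len(parts) < 2:
        return None  # not a usable request line
    target = parts[1]
    if target.startswith("http://"):
        return target  # absolute-form request already names the origin

    # Prefer the Host: header when the client sent one.
    host = None
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host" and value.strip():
            host = value.strip()
            break

    if host is None:
        # No Host: header, so the packet's destination is the only clue left.
        if dst_ip == PROXY_ADDR:
            return None  # DNAT replaced it with the proxy's own address
        host = dst_ip if dst_port == 80 else f"{dst_ip}:{dst_port}"
    return f"http://{host}{target}"


if __name__ == "__main__":
    print("DNAT, HTTP/1.0 no Host:  ", origin_url(HTTP10_NO_HOST, PROXY_ADDR))
    print("routed, HTTP/1.0 no Host:", origin_url(HTTP10_NO_HOST, ORIGIN_ADDR))
    print("DNAT, HTTP/1.1 with Host:", origin_url(HTTP11_WITH_HOST, PROXY_ADDR))
```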