Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 10-03-2009, 04:39 PM   #1
Registered: Aug 2004
Location: Canada
Distribution: Debian
Posts: 62

Rep: Reputation: 15
help using iptables to setup a simple transparent proxy

Hello and thanks for the help. I have been reading IPTABLES stuff all morning/afternoon now so I've broken down and decided just to ask for help on this.

What I would like to accomplish is to have my linux box hosted in a datacenter act as a transparent proxy whenever I need it just by entering a line (or few ) into IPTABLES.

So for example, if I was using an application on my home computer that ran on port 56120 using a tcp protocol (and I could configure a proxy for it natively or through other software), I would want my remote linux box to handle the communication from my home computer to the variable destinations the application would make connections to. The point of this being that when I use the application at home, my server ip is what shows up to all my interactions.

As far as I am aware, this is very possible with IPTABLES. Originally I was going to use Privoxy for this, but upon setup it was learned that it doesn't work with non http protocols. Also I learned that SQUID is basically unecessary as well, since IPTABLES can be used just as easily, and I am already using IPTABLES as a sort of firewall and would like to stick to modifying IPTABLES manually and not through a program.

So far I have something like this:

iptables -A POSTROUTING -t nat -p tcp --sport 56120 -j SNAT --to-source

where would of course be my ip at home, which of course is not networked with the linux box.

But I admit, I don't entirely understand what I am doing with that, and I suspect that's only one piece of more that needs to be done. My IPTABLES experience has basically been limited to 'iptables -A INPUT -s -j DROP' and all this nat and FORWARD or POSTROUTING stuff is a bit over my head at the moment -_-

I really need to have a clearer understanding, so if someone would please provide the solution it would really help me wrap my head around it.

Thank you so very much!


Last edited by chibi; 10-03-2009 at 04:44 PM.
Old 10-03-2009, 10:11 PM   #2
Senior Member
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,272

Rep: Reputation: 148Reputation: 148
iptables -A POSTROUTING -t nat -p tcp --sport 56120 -j SNAT --to-source
change this sport as a dport and try

iptables -t nat -A POSTROUTING -p tcp --dport 443 -j SNAT --to xx.xx.xx.xx (tranparent server ip address)
i am using this for https access at transparent proxy

Last edited by kirukan; 10-03-2009 at 10:13 PM.
Old 10-04-2009, 05:53 PM   #3
Registered: Aug 2004
Location: Canada
Distribution: Debian
Posts: 62

Original Poster
Rep: Reputation: 15
Thanks for replying, Kirukan. To clarify, is that what the IPTABLES of the server need to have? Looking at it, it makes me think that's something my home computer would be doing..


iptables, proxy

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
setup transparent proxy kirukan Linux - Server 10 02-15-2009 06:51 PM
Squid transparent proxy with iptables cksoo Linux - Server 5 06-12-2008 03:53 AM
IPTABLES for squid (Transparent proxy) kool_kid Linux - Networking 14 10-29-2007 10:45 AM
IPTABLES, SQUID, DANSGUARDIAN and Transparent Proxy metallica1973 Linux - Networking 18 09-03-2007 07:17 PM
Iptables+transparent Proxy seitan Linux - Networking 11 12-13-2004 08:42 PM

All times are GMT -5. The time now is 02:17 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration