LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-21-2010, 10:35 AM   #1
silentwol
LQ Newbie
 
Registered: Jun 2009
Posts: 3

Rep: Reputation: 0
IPTABLES: routing VPN users through transparent Squid


Hello all!

I'm hoping someone can help me out - I've been tearing my hair out over this!

I have pptpd and squid set up. I want give these users access to the internet, but would like to send http traffic through a squid proxy.

Hopefully this rough diagram will give you an idea of what I'm trying to achieve:

Code:
VPN users connect to pptpd
    \ | /
      |
      |
     / \
 http   everything else
   |     |
   |     |
   |     |
squid    |
   |     |
    \   /
     \ /
      |
     NAT
      |
  internet
If I set up the following iptables rule, users can connect to the internet:
Code:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I can also connect to squid from the local network (e.g. 192.168.1.1:3128).

Now, I was hoping another simple rule would redirect all http traffic through squid:
Code:
iptables -t nat -A PREROUTING -i ppp+ -p tcp --dport 80 -j REDIRECT --to-port 3128
But this doesn't seem to work (I'm also hoping ppp+ is the correct formatting for a wildcard). Http traffic is never redirected and bypasses the proxy

Can anyone suggest how to get this working?

I don't really know much about this stuff I'm afraid I would also love some recommendations for ways in which I can debug the system, e.g. which log files to look at, tcpdump commands etc. I find the iptables documentation extremely bewildering!

Thanks!

Last edited by silentwol; 08-21-2010 at 10:36 AM.
 
Old 08-22-2010, 02:07 PM   #2
nimnull22
Senior Member
 
Registered: Jul 2009
Distribution: OpenSuse 11.1, Fedora 14, Ubuntu 12.04/12.10, FreeBSD 9.0
Posts: 1,571

Rep: Reputation: 92
Your rule looks correct except for "-i ppp+" - input interface.
You can type - "ifconfig -a" to see all interfaces and put one belongs to TUN.

I thing the problem is there.
 
  


Reply

Tags
iptables, poptop, pptpd, proxy, squid, vpn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid transparent proxy with iptables cksoo Linux - Server 5 06-12-2008 03:53 AM
IPTABLES for squid (Transparent proxy) kool_kid Linux - Networking 14 10-29-2007 10:45 AM
IPTABLES, SQUID, DANSGUARDIAN and Transparent Proxy metallica1973 Linux - Networking 18 09-03-2007 07:17 PM
Squid and iptables---transparent proxying Woodsman Slackware 9 09-30-2006 02:49 PM
SQUID as Httpd-accelerator, 2webservers, transparent routing problem. Pls help! sailor Linux - Networking 6 10-16-2003 10:08 AM


All times are GMT -5. The time now is 03:45 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration