I'm hoping someone can help me out - I've been tearing my hair out over this!
I have pptpd and squid set up. I want give these users access to the internet, but would like to send http traffic through a squid proxy.
Hopefully this rough diagram will give you an idea of what I'm trying to achieve:
VPN users connect to pptpd
\ | /
http everything else
If I set up the following iptables rule, users can connect to the internet:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I can also connect to squid from the local network (e.g. 192.168.1.1:3128).
Now, I was hoping another simple rule would redirect all http traffic through squid:
iptables -t nat -A PREROUTING -i ppp+ -p tcp --dport 80 -j REDIRECT --to-port 3128
But this doesn't seem to work (I'm also hoping ppp+ is the correct formatting for a wildcard). Http traffic is never redirected and bypasses the proxy
Can anyone suggest how to get this working?
I don't really know much about this stuff I'm afraid
I would also love some recommendations for ways in which I can debug the system, e.g. which log files to look at, tcpdump commands etc. I find the iptables documentation extremely bewildering!