iptables - forward traffic through squid when connected via openvpn
Hi everybody,
I recently set up a server at home that has a squid proxy and also managed to connect clients via openvpn. Both work well for themselves, but it seems whenever I connect through the VPN, the http traffic does not get forwarded to squid (no entries in access.log, blocked sites accessible). I do not know my way around iptables too much and was glad that I managed to redirect the non-VPN traffic through squid. But here at this combination, I am lost. Tried my best finding the solution but iptables itself is a beast already and in combination with squid and openvpn it does not get easier. eth0 is my "normal" network interface, tun is the openvpn one. For the tests, I deactivated the general drop rules:
Code:
*nat
I tried copying the PREROUTING rule with -i tun+, but it does not work. Can anyone please help me here? Thanks.
What does ifconfig show?
this is the output of ifconfig:
Code:
eth0 Link encap:Ethernet HWaddr b8:27:eb:3f:f2:db
figured that one out myself, finally :)
prerouting port 80 tun+ traffic to the ip and port of my squid (which implies eth0), masquerading:
Code:
iptables -t nat -A PREROUTING -p tcp --dport 80 -i tun+ -j DNAT --to 192.168.1.20:3128
Code:
acl localnet src 10.0.0.0/8
Are you sure you want 10.0.0.0/8? Seems pretty wide, when your tun is 10.8.0.0. I'd be interested if it works ok with 'acl localnet src 10.8.0.0/16' or even 10.8.0.0/24.
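The point raised in the last reply, as an added example that is not part of the original thread: a short Python check that parses `acl ... src` lines and reports how many addresses each entry admits beyond the VPN subnet. The sample configuration is constructed, the `lan` entry is hypothetical, and the /24 mask for the tunnel network is an assumption (the thread only gives 10.8.0.0).

```python
import ipaddress

# Constructed sample: the ACL from the thread, the two narrower forms suggested
# in the reply, and a hypothetical LAN entry that does not cover the tunnel.
SAMPLE_CONF = """\
acl localnet src 10.0.0.0/8      # as posted
acl vpn16 src 10.8.0.0/16
acl vpn24 src 10.8.0.0/24
acl lan src 192.168.1.0/24
"""

def parse_src_acls(conf_text):
    """Return [(acl_name, network), ...] for every 'acl <name> src <cidr>...' line."""
    entries = []
    for raw in conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 4 or fields[0] != "acl" or fields[2] != "src":
            continue
        for token in fields[3:]:
            try:
                entries.append((fields[1], ipaddress.ip_network(token, strict=False)))
            except ValueError:
                pass  # address ranges, file references, "all": not handled here
    return entries

def audit(conf_text, vpn_subnet):
    """List ACL entries that cover vpn_subnet, with the extra addresses each admits."""
    vpn = ipaddress.ip_network(vpn_subnet)
    findings = []
    for name, net in parse_src_acls(conf_text):
        if net.version == vpn.version and vpn.subnet_of(net):
            findings.append((name, str(net), net.num_addresses - vpn.num_addresses))
    return findings

if __name__ == "__main__":
    # Assumption: the tunnel network is 10.8.0.0/24; the thread gives no mask.
    for name, net, excess in audit(SAMPLE_CONF, "10.8.0.0/24"):
        print(f"{name:10} {net:15} admits {excess} addresses outside the VPN subnet")
```

An entry with zero excess addresses matches the tunnel network exactly; anything larger is source space the proxy will accept that no VPN client should ever use.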