Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3128
service iptables save
This will send any requests for http port 80 to squid on this machine, and save the rule for later.
You should also seriously look at getting some better rules if you are acting as a gateway for a Lan behind you.
Have a look at this tutorial and this firewall tool... http://firestarter.sourceforge.net/
Actually, no machines will be proxying through this box. This setup is strictly for development/test purposes.
The rule you stated is all over the net.... Even w/ that rule I am not redirected. If I bring up a browser on the same machine running iptables and squid with the rule you stated enabled I am not redirected to port 3128.
What happens if you set the browser's proxy setting to your outgoing ip number and port 80?
Usually, if you send proxy request headers to squid, it will honour them.
Just now have to find out which component needs to be tweaked...
Add a rule via lokkit to ACCEPT 3128 tcp for interfaces lo & local lan interface.
If I set my browser to use http://:127.0.0.1:3128 everything works fine. I am trying to avoid having to add anything to the browser which is why I need iptables...
I'll give your suggestion a shot and let you know....
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.