SatelliteThief 10-12-2006

Double Proxy with Squid and iptables
Good Day

I am trying to set up a Linux computer with Squid as a proxy server (Proxy A). I need to route all HTTP and HTTPS traffic from Proxy A to Proxy B on another reachable network. This is what I have set up so far.

Client -> Proxy A -> Proxy B -> Web Site

I used iptables with the nat table to reroute outgoing traffic from Proxy A as follows:

iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination [ProxyB]:8080
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination [ProxyB]:8080

I set up Squid as a proxy and it works with HTTP, but when I try to access an HTTPS site my browser gives an error that it can't reach the host.

I can access other HTTPS sites through only 1 proxy, e.g. Client -> ProxyA -> HTTPS site works but Client -> ProxyA -> ProxyB -> HTTPS site gives an error.
Also Client -> ProxyB -> HTTPS site works.

I can't seem to find the problem and would appreciate any help.


SatelliteThief 10-18-2006

Good Day

It seems I can't use iptables to make Linux use a proxy. Does anyone know how to set up Squid to use another proxy to access the web?
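
Added example, not part of the original posts: a Python sketch of the first bytes Proxy B reads on port 8080 for an HTTPS site, comparing the DNAT rules above with an explicit parent-proxy hop. It assumes Proxy B is an ordinary forward proxy that expects an HTTP request line; the function names, host name and byte strings are constructed for illustration.

```python
import struct

def tls_client_hello_prefix(body_len=512):
    # Constructed TLS record header: type 0x16 (handshake), version 3.1,
    # record length, then handshake type 0x01 (ClientHello).
    return struct.pack("!BHH", 0x16, 0x0301, body_len) + b"\x01"

def first_bytes_via_dnat(host):
    # Proxy A answers the browser's CONNECT itself and opens TCP to host:443.
    # The OUTPUT DNAT rule rewrites that socket to [ProxyB]:8080, so Proxy B
    # receives the browser's TLS handshake with no HTTP request in front of it.
    return tls_client_hello_prefix()

def first_bytes_via_parent(host):
    # When Proxy A knows Proxy B is a proxy, it forwards the CONNECT request,
    # which tells Proxy B where to open the tunnel.
    return f"CONNECT {host}:443 HTTP/1.1\r\nHost: {host}:443\r\n\r\n".encode()

def classify(data):
    """Label the first bytes arriving on a forward proxy's listening port."""
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls-client-hello"
    parts = data.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/"):
        return "unknown"
    method, target = parts[0], parts[1]
    if method == b"CONNECT":
        return "connect"
    if target.startswith(b"http://"):
        return "absolute-form"
    if target.startswith(b"/"):
        return "origin-form"
    return "unknown"

def proxy_b_can_tunnel(data):
    # A forward proxy needs a CONNECT line to learn the tunnel destination.
    return classify(data) == "connect"

if __name__ == "__main__":
    host = "www.example.com"  # constructed sample host
    for name, build in (("dnat", first_bytes_via_dnat),
                        ("parent", first_bytes_via_parent)):
        data = build(host)
        print(name, classify(data), "tunnel ok:", proxy_b_can_tunnel(data))
```

In Squid, the explicit hop is configured with the `cache_peer` directive (peer type `parent`) together with `never_direct`, and the two DNAT rules are then no longer needed.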


