iptables, DansGuardian, and Squid.
Hello I am trying to setup DansGuardian and Squid with no luck. Could some one please help me with my iptables config?
I am using Nat eth1 is my public IP 63.119.169.XX eth0 is my private IP 192.168.1.254 I am trying to set it up so all http requests on port 80 are sent to a transparent proxy (port 3128) and to DansGuardian (port 8080) Here is the sample config from the site, however I cannot figure out how to change it so my NAT will still work. Once you have Squid and DansGuardian set up, the final step is to implement a transparent proxy using iptables. Use the following commands at the command line to add rules to the firewall to allow the user squid to access both the Internet and the Squid proxy we set up. iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT iptables -t nat -A OUTPUT -p tcp --dport 3128 -m owner --uid-owner squid -j ACCEPT The next command redirects Internet traffic from all users, other than squid and any exempt users, to the filter on port 8080: iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080 Since we have a proxy server set up, a user could configure a Web browser to bypass the filter and access the proxy directly. The Squid proxy is listening for requests from the computer, and it doesn't care which user sends the request. We could set up our firewall to deny all access to the proxy except from our filter, but let's be a little sneakier. Let's set it up so that direct requests to the Squid proxy server, except from our filter, get redirected through the filter. To do this, use the following command: iptables -t nat -A OUTPUT -p tcp --dport 3128 -j REDIRECT --to-ports 8080 Any help would be great. Thanks! Toby |
So basicly Im looking for the iptables commands to setup NAT, Squid and DansGuard.
eth1 is my public IP 63.119.169.XX eth0 is my private IP 192.168.1.254 Thanks in advance. Toby |
All times are GMT -5. The time now is 03:31 AM. |