Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 02-09-2005, 11:53 PM   #1
LQ Newbie
Registered: Feb 2005
Posts: 5

Rep: Reputation: 0
iptables, DansGuardian, and Squid.

Hello I am trying to setup DansGuardian and Squid with no luck. Could some one please help me with my iptables config?

I am using Nat

eth1 is my public IP 63.119.169.XX
eth0 is my private IP

I am trying to set it up so all http requests on port 80 are sent to a transparent proxy (port 3128) and to DansGuardian (port 8080)

Here is the sample config from the site, however I cannot figure out how to change it so my NAT will still work.

Once you have Squid and DansGuardian set up, the final step is to implement a transparent proxy using iptables. Use the following commands at the command line to add rules to the firewall to allow the user squid to access both the Internet and the Squid proxy we set up.

iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT

iptables -t nat -A OUTPUT -p tcp --dport 3128 -m owner --uid-owner squid -j ACCEPT

The next command redirects Internet traffic from all users, other than squid and any exempt users, to the filter on port 8080:

iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080

Since we have a proxy server set up, a user could configure a Web browser to bypass the filter and access the proxy directly. The Squid proxy is listening for requests from the computer, and it doesn't care which user sends the request. We could set up our firewall to deny all access to the proxy except from our filter, but let's be a little sneakier. Let's set it up so that direct requests to the Squid proxy server, except from our filter, get redirected through the filter. To do this, use the following command:

iptables -t nat -A OUTPUT -p tcp --dport 3128 -j REDIRECT --to-ports 8080

Any help would be great.
Old 02-10-2005, 10:04 AM   #2
LQ Newbie
Registered: Feb 2005
Posts: 5

Original Poster
Rep: Reputation: 0
So basicly Im looking for the iptables commands to setup NAT, Squid and DansGuard.

eth1 is my public IP 63.119.169.XX
eth0 is my private IP

Thanks in advance.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Proxy won't let me connect, iptables, squid and dansguardian hindenbergbaby Linux - Networking 4 12-02-2009 04:45 AM
Dansguardian/Squid HELP! Prizam Linux - Software 3 09-23-2005 07:30 PM
squid and dansguardian safe ports gone nickcol11 Linux - Networking 0 12-21-2004 05:32 PM
DansGuardian/Squid/SquidGuardian problems :-( Sn7 Linux - Security 1 06-21-2004 10:22 AM
DansGuardian, Squid, and Firewall rules jwgeurk Linux - Networking 7 06-18-2004 03:26 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:29 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration