Privoxy can not listen address 127.0.0.3 -- NAT filtering

intmail01 · 07-20-2019, 04:21 AM

Hi,

I use privoxy server which listen to the IP address 10.0.0.1:8118 on wlan0 interface. In normal use any client can access the server.

This IP/interface is not always in use and sometimes down then privoxy wont run when an listen address does not exist.
I need privoxy always running because some program use it in other interfaces then I use a trick to have permanent IP.

The trick is I try to use another permanent IP 127.0.0.3:8118 then route 10.0.0.1:8118 traffic to it. I set privoxy to listen 127.0.0.3:8118. The NAT filtering are:

Code:

iptables -t nat -A PREROUTING  -i wlan0 -p tcp -m multiport --destination-ports 8118 -j DNAT --to-destination 127.0.0.3:8118
iptables -A FORWARD -i wlan0 -p tcp -m multiport --destination-ports 8118 -d 127.0.0.3 -j ACCEPT

It does not work once the wlan0 is up, remote client can not access internet. Could someone tell my why ?

nini09 · 07-24-2019, 03:04 PM

Do you mean that privoxy will exit when IP address is gone or interface is down?

intmail01 · 07-24-2019, 03:14 PM

Quote:

Originally Posted by nini09

Do you mean that privoxy will exit when IP address is gone or interface is down?

Yes. User manual says "If the specified address isn't available on the system, or if the hostname can't be resolved, Privoxy will fail to start."

nini09 · 07-26-2019, 03:25 PM

Quote:

Yes. User manual says "If the specified address isn't available on the system, or if the hostname can't be resolved, Privoxy will fail to start."

The fail to start doesn't mean that it will exit. It should be Ok. If IP address or interface is gone, your solution can't solve the issue too. Traffic still is failure.

intmail01 · 07-30-2019, 07:04 AM

Quote:

Originally Posted by nini09

The fail to start doesn't mean that it will exit. It should be Ok. If IP address or interface is gone, your solution can't solve the issue too. Traffic still is failure.

It will exit. To check it run command:

Code:

 ps -aux | grep privoxy

nini09 · 08-02-2019, 04:49 PM

Which one cause exit, listen address or hostname?

intmail01 · 08-03-2019, 09:21 AM

There is no hostname in my configuration file of privoxy, just listen-address

nini09 · 08-06-2019, 02:30 PM

You are better to specify the hostname. For your case, it could cause exit if hostname resolve is failure.

intmail01 · 08-07-2019, 04:39 AM

which hostname ? all are IP address

nini09 · 08-07-2019, 02:26 PM

7.3.3. hostname

Specifies:

The hostname shown on the CGI pages.
Type of value:

Text
Default value:

Unset
Effect if unset:

The hostname provided by the operating system is used.
Notes:

On some misconfigured systems resolving the hostname fails or takes too much time and slows Privoxy down. Setting a fixed hostname works around the problem.

In other circumstances it might be desirable to show a hostname other than the one returned by the operating system. For example if the system has several different hostnames and you don't want to use the first one.

Note that Privoxy does not validate the specified hostname value.