LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 04-14-2010, 06:46 AM   #1
acmal
LQ Newbie
 
Registered: Jan 2007
Posts: 13

Rep: Reputation: 0
Ask: how to force packet from guestOS go to HostOS proxy port


I am using VirtualBox as virtualization machine. My topology is:

Quote:

Internet=====(eth0)HostOS=SLackware(eth1,br0)=====(eth0)GuestOS=slackware

Condition each OS:

HostOS:
eth0 = 192.168.7.80/24
Gateway = 192.168.7.1
eth1 = 10.10.20.1/27
br0 = 10.10.20.3/27 <--- bound to eth1
Running squid proxy server at port 8080
Has a NAT rule:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


GuestOS:
eth0 = 10.10.20.2/27 <--- bridge to br0
Gateway = 10.10.20.1

Squid is running normally, because when i try to access http page with manual proxy direct to 10.10.20.1:8080, it's work. Squid log show browsing activity from GuestOS.

I want to force destination port 80 packet from GuestOS to turn into port 8080 squid. Then i make a new rule:

Quote:
iptables -t nat -A PREROUTING -p tcp --dport -i eth1 -j REDIRECT --to-port 8080
While try browsing from GuestOS (it's success get a web page), i look at squid log. I do not found log from GuestOS browsing activity. Then i change in interface from eth1 to br0:

Quote:
iptables -t nat -D PREROUTING 1
Quote:
iptables -t nat -A PREROUTING -p tcp --dport -i br0 -j REDIRECT --to-port 8080
Then try again browsing, this time i get connection refused. So i am confuse that packet from GuestOS entering to HostOS via which interface. Or maybe there is another way to make transparant proxy for that condition.

Thanks before for help

Last edited by acmal; 04-14-2010 at 06:48 AM.
 
Old 04-14-2010, 12:40 PM   #2
HasC
Member
 
Registered: Oct 2009
Location: South America - Paraguay
Distribution: Debian 5 - Slackware 13.1 - Arch - Some others linuxes/*BSDs through KVM and Xen
Posts: 329

Rep: Reputation: 55
Quote:
Originally Posted by acmal View Post
Code:
iptables -t nat -A PREROUTING -p tcp --dport <missing> -i eth1 -j REDIRECT --to-port 8080 
iptables -t nat -A PREROUTING -p tcp --dport <missing> -i br0 -j REDIRECT --to-port 8080
First, you're missing the destination port. Or that's just a typo?
 
Old 04-14-2010, 04:32 PM   #3
Gerard Lally
Senior Member
 
Registered: Sep 2009
Location: Brú na Bóinne, IE
Distribution: Slackware, NetBSD
Posts: 1,545

Rep: Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022Reputation: 1022
Have you compiled Squid with transparent proxy support?
 
Old 04-14-2010, 08:51 PM   #4
acmal
LQ Newbie
 
Registered: Jan 2007
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by HasC View Post
First, you're missing the destination port. Or that's just a typo?
yes, i am sorry, it's a typo, i mean like this:

Quote:
iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth1 -j REDIRECT --to-port 8080

iptables -t nat -A PREROUTING -p tcp --dport 80 -i br0 -j REDIRECT --to-port 8080
thanks for correction

Quote:
Originally Posted by gezley View Post
Have you compiled Squid with transparent proxy support?
yes, my squid compiled with transparent proxy
 
Old 04-15-2010, 01:05 AM   #5
mRgOBLIN
Slackware Contributor
 
Registered: Jun 2002
Location: New Zealand
Distribution: Slackware
Posts: 999

Rep: Reputation: 229Reputation: 229Reputation: 229
Have you allowed that subnet access to your proxy in the squid.conf?
 
Old 04-15-2010, 09:50 AM   #6
acmal
LQ Newbie
 
Registered: Jan 2007
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by mRgOBLIN View Post
Have you allowed that subnet access to your proxy in the squid.conf?
yes i have, like below:

Quote:
acl mynet src 10.10.20.0/27
http_access allow mynet
icp_access allow mynet
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Directing packet from one port to another port of another machine anjinpradhan Linux - Networking 4 04-25-2009 03:56 PM
help on how-to force set browser to proxy server rude_reality Linux - Networking 7 05-15-2008 01:43 PM
Brute force using proxy lists snowman81 Linux - Security 2 01-11-2007 07:35 PM
how can I force port 80 to a proxy server using iptables scheney Linux - Security 1 10-21-2005 01:25 PM
Suse Host, vmware winxp guestOS, port forwarding question kazuni Linux - Networking 1 07-22-2003 02:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 09:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration