I have the following setup:
- Host-X (192.168.1.100) running ssh -D so that it can be used as a socks server.
- Host-Y (192.168.1.101) running redsocks configured with Host-X as socks.
They are in the same network together with other machines. I would like to use Host-Y as the gateway on some computers to take advantage of redsocks. IP forwarding on Host-Y is enabled.
This is the redsocks configuration:
base {
    log_info = on;
    log = "file:/var/log/redsocks.log";
    daemon = on;
    redirector = iptables;
}
redsocks {
    local_ip = 0.0.0.0;
    local_port = 2001;
    ip = 192.168.1.100;
    port = 2000;
    type = socks5;
}
These are my iptables rules:
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-port 2001
iptables -t nat -A PREROUTING -i eth0 -p tcp -j REDSOCKS
I can see the traffic coming to redsocks on Host-Y from the log, but I can't browse the Internet on the computers that use Host-Y as gateway. Obviously there are some iptables rules missing, I guess one that sends redsocks' output traffic to the socks server. Can anyone help?
Thank you!
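As an added example (not part of the question), this script walks the posted REDSOCKS nat chain for a given packet and cross-checks it against the posted redsocks.conf. It shows which destinations the rules hand to redsocks, that forwarded traffic to RFC1918/link-local addresses (including the SOCKS server itself) passes through untouched, and that anything that is not TCP on eth0 (for example UDP DNS from the clients) is never proxied by these rules; the config text and sample destinations are constructed copies of the values in the question.

```python
import ipaddress
import re

# Constructed copy of the redsocks.conf shown in the question (same values).
REDSOCKS_CONF = """
base { log_info = on; log = "file:/var/log/redsocks.log"; daemon = on; redirector = iptables; }
redsocks { local_ip = 0.0.0.0; local_port = 2001; ip = 192.168.1.100; port = 2000; type = socks5; }
"""

REDIRECT_PORT = 2001  # from: -j REDIRECT --to-port 2001

# The REDSOCKS nat chain as posted, in rule order: (destination match, target).
# The last rule is the catch-all "-p tcp -j REDIRECT --to-port 2001".
REDSOCKS_CHAIN = [
    ("0.0.0.0/8", "RETURN"), ("10.0.0.0/8", "RETURN"), ("127.0.0.0/8", "RETURN"),
    ("169.254.0.0/16", "RETURN"), ("172.16.0.0/12", "RETURN"), ("192.168.0.0/16", "RETURN"),
    ("224.0.0.0/4", "RETURN"), ("240.0.0.0/4", "RETURN"), ("0.0.0.0/0", "REDIRECT"),
]

def parse_redsocks_conf(text):
    """Parse redsocks' 'section { key = value; ... }' syntax into nested dicts."""
    conf = {}
    for name, body in re.findall(r"(\w+)\s*\{([^}]*)\}", text):
        conf[name] = {k: v.strip().strip('"') for k, v in re.findall(r"(\w+)\s*=\s*([^;]+);", body)}
    return conf

def evaluate_chain(dst_ip, proto="tcp", in_iface="eth0"):
    """Return ("REDIRECT", port) if a packet entering Host-Y is handed to redsocks,
    or ("ACCEPT", None) if it leaves nat PREROUTING untouched and is just forwarded."""
    # PREROUTING jumps to REDSOCKS only for TCP arriving on eth0.
    if proto != "tcp" or in_iface != "eth0":
        return ("ACCEPT", None)
    addr = ipaddress.ip_address(dst_ip)
    for net, target in REDSOCKS_CHAIN:
        if addr in ipaddress.ip_network(net):
            # RETURN ends the chain: no later rule (including REDIRECT) is consulted.
            return ("ACCEPT", None) if target == "RETURN" else ("REDIRECT", REDIRECT_PORT)
    return ("ACCEPT", None)  # nat PREROUTING default policy

def check_setup(conf_text, redirect_port):
    """Cross-check redsocks.conf against the iptables rules; returns a list of problems."""
    rs = parse_redsocks_conf(conf_text)["redsocks"]
    problems = []
    if int(rs["local_port"]) != redirect_port:
        problems.append("REDIRECT --to-port does not match redsocks local_port")
    if evaluate_chain(rs["ip"])[0] == "REDIRECT":
        problems.append("forwarded traffic to the SOCKS server address would itself be redirected")
    return problems

if __name__ == "__main__":
    for dst in ["93.184.216.34", "192.168.1.100", "10.1.2.3"]:   # constructed destinations
        print(dst, evaluate_chain(dst))
    print("udp dns:", evaluate_chain("93.184.216.34", proto="udp"))
    print("problems:", check_setup(REDSOCKS_CONF, REDIRECT_PORT))
```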