Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [transparent-proxy]

210 questions
1
vote
1 answer

HTTPS is not working in transparent proxy with Squid

I am using Squid proxy 3.1, all systems in the LAN connects to the internet through proxy. Direct connection is blocked using the iptables from the gateway server. There are some devices which does not have options for auto proxy or manual proxy and…
Supratik
  • 2,154
  • 10
  • 51
  • 66
1
vote
3 answers

Transparent proxying leaves sockets with SYN_RCVD in MacOS X 10.6 Snow Leopard (and maybe FreeBSD)

I'm trying to create a transparent proxy on my MacOS machine in order to port the sshuttle ssh-based transproxy VPN from Linux. I think I almost have it working, but sadly, almost is not 100%. Short version is this. In one window, start something…
apenwarr
  • 2,142
  • 1
  • 11
  • 11
1
vote
2 answers

Transparent HTTPS proxy with squid using SNI

Final update: I ended up using nginx as squid proved to be difficult to work with, see last update at the end for more detail What I'm trying to do is setting up a transparent HTTPS proxy with squid using SNI (without decrypting), but it is not…
Alireza Dastyar
  • 13
  • 3
1
vote
3 answers

Transparent Squid : Logging client ip problem

I am using the following rules in iptables in my network to use a transparent proxy * iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128 * iptables -t nat -A POSTROUTING -o eth0 -s local-network -d…
llazzaro
  • 421
  • 4
  • 16
1
vote
1 answer

Problem installing IP-Filters MAC for transparent proxy

Am trying to compile squid to allow transparency using this command ./configure --enable-ipf-transparent on a MAC mini running 10.5.8 am getting a error WARNING: Cannot find necessary IP-Filter header files Transparent Proxy support…
Gatura
  • 573
  • 3
  • 10
  • 24
1
vote
0 answers

How can I make TPROXY option in iptables work when the destination proxy address is a non-local one?

I installed a TPROXY server in my router that forwards the traffic to a SOCKS5 server. The router has the address 192.168.1.1 and my PC has the address 192.168.1.33. Also, I have a local bridge "virbr0" in PC side that forwards traffic to a virtual…
phantomcraft
  • 133
  • 5
1
vote
1 answer

Setting up a transparent proxy across network namespaces: failed to get target destination address

I'm trying to setup a transparent proxy across network namespaces. First I create the network namespaces, virtual ethernet devices and enable forwarding inside one of the namespaces: ip netns add nsx ip netns add nsy ip link add vethx type veth peer…
phantomcraft
  • 133
  • 5
1
vote
0 answers

How can I route a specific local device through a proxy? (Smart TV with no available proxy configuration, only gateway+dns)

Current Setup https://i.stack.imgur.com/2w5Nd.png Currently just running a pi-hole DNS, and a lighttpd server on port 80 to access pi-hole admin web interface. I have made a DHCP reservation on my router for my RPi (10.0.0.10). What I want to…
James Lemieux
  • 111
  • 1
1
vote
1 answer

Nginx stream block with wildcard filtering of subdomains

I have set up an Nginx server as L4 Proxy(Forward Proxy With Stream Module), with the following configuration in the nginx.conf file; stream { resolver 8.8.8.8; server { listen 443; ssl_preread on; proxy_connect_timeout 5s; …
Zareh Kasparian
  • 753
  • 5
  • 20
1
vote
0 answers

TPROXY interferes DNAT port forwarding rules

I'm setting up TPROXY on my VyOS router to forward certain traffic to a local transparent proxy. It works pretty well, until I discovered that all of my DNAT port forwarding rules are no longer working (connection timeout when connecting from…
GreenVine
  • 23
  • 4
1
vote
0 answers

iptables: Route outgoing requests to a local proxy preserving destination address and port

I want the proxy to make some routing decisions based on the original destination IP and port. I can do this easily for an incoming request: iptables -t mangle -A PREROUTING -p tcp --destination 10.37.253.90 \ --dport 8080 -j TPROXY --on-port…
Arindam Mukherjee
  • 111
  • 3
1
vote
0 answers

Conntrack not showing iptables redirected flow

I have a client and server. At Server I have a redirect rule to redirect all incoming flows to port 15006. Client IP: 10.20.3.53 ServerIP : 10.20.3.63 I have the following iptables rules on the server(10.20.3.63): # iptables -t nat -nvL…
Invictus
  • 111
  • 2
1
vote
1 answer

Squid HTTP Transparent Proxy for Spoofed DNS Requests

I'm working on a security project which requires a remotely-accessible transparent proxy. I have set up an Azure VM running Ubuntu 18.04 with squid running as a transparent proxy. I'm only concerned with routing external HTTP traffic through the…
cteniform
  • 11
  • 3
1
vote
0 answers

Transparent Proxy with Squid 4.10 not working

Squid 4.10 on Ubuntu Server 20.04 I have tried so many things and spent this entire week researching on how to get this working. To get an idea of what I am trying to do here, take a look at these…
LtMuffin
  • 121
  • 1
  • 4
1
vote
0 answers

iptables tproxy with statistic --mode nth

I`m using squid now. and i run 4 squid for load-balance and i trying to change my iptables rule. this is my current rules. iptables -t nat -A PREROUTING -p tcp --dport 443 -m state --state NEW -m statistic --mode nth --every 4 --packet 0 -j REDIRECT…
hybang
  • 11
  • 2
1 2 3
13 14