squid tproxy does not work
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I am trying to set up a transparent proxy using squid and centos 6.9, I have built the following configuration:
1- Upgrade linux kernel to 3.16.56 and built with the configuration options:
NF_CONNTRACK=m
NETFILTER_TPROXY=m
NETFILTER_XT_MATCH_SOCKET=m
NETFILTER_XT_TARGET_TPROXY=m
2- build squid 3.1 with --enable-linux-netfilter,
http_port 3128
http_port 3129 tproxy
3- routing configuration:
ip -f inet rule add fwmark 1 lookup 100
ip -f inet route add local default dev eth0 table 100
4- kernel configuration
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
5- iptables 1.4.7 configuration:
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark
0x1/0x1 --on-port 3129
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 3138 -j ACCEPT
iptables -A INPUT -p tcp --dport 3139 -j ACCEPT
the proxy does not work and there are no logs in access.log and cache.log. any help, please.
linux iptables squid
add a comment |Â
up vote
0
down vote
favorite
I am trying to set up a transparent proxy using squid and centos 6.9, I have built the following configuration:
1- Upgrade linux kernel to 3.16.56 and built with the configuration options:
NF_CONNTRACK=m
NETFILTER_TPROXY=m
NETFILTER_XT_MATCH_SOCKET=m
NETFILTER_XT_TARGET_TPROXY=m
2- build squid 3.1 with --enable-linux-netfilter,
http_port 3128
http_port 3129 tproxy
3- routing configuration:
ip -f inet rule add fwmark 1 lookup 100
ip -f inet route add local default dev eth0 table 100
4- kernel configuration
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
5- iptables 1.4.7 configuration:
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark
0x1/0x1 --on-port 3129
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 3138 -j ACCEPT
iptables -A INPUT -p tcp --dport 3139 -j ACCEPT
the proxy does not work and there are no logs in access.log and cache.log. any help, please.
linux iptables squid
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I am trying to set up a transparent proxy using squid and centos 6.9, I have built the following configuration:
1- Upgrade linux kernel to 3.16.56 and built with the configuration options:
NF_CONNTRACK=m
NETFILTER_TPROXY=m
NETFILTER_XT_MATCH_SOCKET=m
NETFILTER_XT_TARGET_TPROXY=m
2- build squid 3.1 with --enable-linux-netfilter,
http_port 3128
http_port 3129 tproxy
3- routing configuration:
ip -f inet rule add fwmark 1 lookup 100
ip -f inet route add local default dev eth0 table 100
4- kernel configuration
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
5- iptables 1.4.7 configuration:
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark
0x1/0x1 --on-port 3129
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 3138 -j ACCEPT
iptables -A INPUT -p tcp --dport 3139 -j ACCEPT
the proxy does not work and there are no logs in access.log and cache.log. any help, please.
linux iptables squid
I am trying to set up a transparent proxy using squid and centos 6.9, I have built the following configuration:
1- Upgrade linux kernel to 3.16.56 and built with the configuration options:
NF_CONNTRACK=m
NETFILTER_TPROXY=m
NETFILTER_XT_MATCH_SOCKET=m
NETFILTER_XT_TARGET_TPROXY=m
2- build squid 3.1 with --enable-linux-netfilter,
http_port 3128
http_port 3129 tproxy
3- routing configuration:
ip -f inet rule add fwmark 1 lookup 100
ip -f inet route add local default dev eth0 table 100
4- kernel configuration
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
5- iptables 1.4.7 configuration:
iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark
0x1/0x1 --on-port 3129
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp --dport 3138 -j ACCEPT
iptables -A INPUT -p tcp --dport 3139 -j ACCEPT
the proxy does not work and there are no logs in access.log and cache.log. any help, please.
linux iptables squid
asked May 28 at 7:41
Wael Dahab
11
11
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f446427%2fsquid-tproxy-does-not-work%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password