pf: Forwarding all packets on port 80 from any interface to SOCKS proxy
Clash Royale CLAN TAG#URR8PPP
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I'm trying to forward any packets on port 80 from any interface to my SOCKS proxy (Server). I'm not sure if I have it set up correctly but I can't get it to forward the packets.
I create a SOCKS proxy like so on Machine A:
ssh -D 5948 user@server
This allows me to access the Internet via my SOCKS proxy if I change the proxy settings in chrome.
This is fine, except I connect a device (Device B) to Machine A using Bluetooth that I want to access the Internet via the SOCKS proxy from that device going through my machine.
+---------------+ +---------------+ +--------------+
| | | | | |
| | | | | |
Internet | Server <----+ Machine A <----+ Device B |
| | | | | |
| | | | | |
+---------------+ +---------------+ +--------------+
Connected via Bluetooth
The connection and Internet sharing via bluetooth is working fine, except rather than using the SOCKS proxy it's using my ISP.
Instead what I want to do is use pf
to forward any packet from any interface on port 80 to my SOCKS proxy.
I've attempted this by creating an anchor file with the following:
rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 5948
I included the anchor in pf.conf
and enable forwarding on all interfaces like so:
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
The forwarding isn't happening and I can only assume my pf
rule is incorrect. I've validated it using:
sudo pfctl -vnf /etc/pf.anchors/org.jj.forwarding
Any ideas where I'm going wrong?
networking freebsd firewall pf
add a comment |
I'm trying to forward any packets on port 80 from any interface to my SOCKS proxy (Server). I'm not sure if I have it set up correctly but I can't get it to forward the packets.
I create a SOCKS proxy like so on Machine A:
ssh -D 5948 user@server
This allows me to access the Internet via my SOCKS proxy if I change the proxy settings in chrome.
This is fine, except I connect a device (Device B) to Machine A using Bluetooth that I want to access the Internet via the SOCKS proxy from that device going through my machine.
+---------------+ +---------------+ +--------------+
| | | | | |
| | | | | |
Internet | Server <----+ Machine A <----+ Device B |
| | | | | |
| | | | | |
+---------------+ +---------------+ +--------------+
Connected via Bluetooth
The connection and Internet sharing via bluetooth is working fine, except rather than using the SOCKS proxy it's using my ISP.
Instead what I want to do is use pf
to forward any packet from any interface on port 80 to my SOCKS proxy.
I've attempted this by creating an anchor file with the following:
rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 5948
I included the anchor in pf.conf
and enable forwarding on all interfaces like so:
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
The forwarding isn't happening and I can only assume my pf
rule is incorrect. I've validated it using:
sudo pfctl -vnf /etc/pf.anchors/org.jj.forwarding
Any ideas where I'm going wrong?
networking freebsd firewall pf
add a comment |
I'm trying to forward any packets on port 80 from any interface to my SOCKS proxy (Server). I'm not sure if I have it set up correctly but I can't get it to forward the packets.
I create a SOCKS proxy like so on Machine A:
ssh -D 5948 user@server
This allows me to access the Internet via my SOCKS proxy if I change the proxy settings in chrome.
This is fine, except I connect a device (Device B) to Machine A using Bluetooth that I want to access the Internet via the SOCKS proxy from that device going through my machine.
+---------------+ +---------------+ +--------------+
| | | | | |
| | | | | |
Internet | Server <----+ Machine A <----+ Device B |
| | | | | |
| | | | | |
+---------------+ +---------------+ +--------------+
Connected via Bluetooth
The connection and Internet sharing via bluetooth is working fine, except rather than using the SOCKS proxy it's using my ISP.
Instead what I want to do is use pf
to forward any packet from any interface on port 80 to my SOCKS proxy.
I've attempted this by creating an anchor file with the following:
rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 5948
I included the anchor in pf.conf
and enable forwarding on all interfaces like so:
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
The forwarding isn't happening and I can only assume my pf
rule is incorrect. I've validated it using:
sudo pfctl -vnf /etc/pf.anchors/org.jj.forwarding
Any ideas where I'm going wrong?
networking freebsd firewall pf
I'm trying to forward any packets on port 80 from any interface to my SOCKS proxy (Server). I'm not sure if I have it set up correctly but I can't get it to forward the packets.
I create a SOCKS proxy like so on Machine A:
ssh -D 5948 user@server
This allows me to access the Internet via my SOCKS proxy if I change the proxy settings in chrome.
This is fine, except I connect a device (Device B) to Machine A using Bluetooth that I want to access the Internet via the SOCKS proxy from that device going through my machine.
+---------------+ +---------------+ +--------------+
| | | | | |
| | | | | |
Internet | Server <----+ Machine A <----+ Device B |
| | | | | |
| | | | | |
+---------------+ +---------------+ +--------------+
Connected via Bluetooth
The connection and Internet sharing via bluetooth is working fine, except rather than using the SOCKS proxy it's using my ISP.
Instead what I want to do is use pf
to forward any packet from any interface on port 80 to my SOCKS proxy.
I've attempted this by creating an anchor file with the following:
rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 5948
I included the anchor in pf.conf
and enable forwarding on all interfaces like so:
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1
The forwarding isn't happening and I can only assume my pf
rule is incorrect. I've validated it using:
sudo pfctl -vnf /etc/pf.anchors/org.jj.forwarding
Any ideas where I'm going wrong?
networking freebsd firewall pf
networking freebsd firewall pf
edited Oct 29 '16 at 15:37
BugHunterUK
asked Oct 29 '16 at 15:32
BugHunterUKBugHunterUK
178119
178119
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
As you have enable forwarding adding a following iptable rule should work
iptables -t nat -A PREROUTING -i bl1 -p tcp --dport 80 -j DNAT --to
127.0.0.1:5948
bl1 is your bluetooth interface
1
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f319734%2fpf-forwarding-all-packets-on-port-80-from-any-interface-to-socks-proxy%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
As you have enable forwarding adding a following iptable rule should work
iptables -t nat -A PREROUTING -i bl1 -p tcp --dport 80 -j DNAT --to
127.0.0.1:5948
bl1 is your bluetooth interface
1
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
add a comment |
As you have enable forwarding adding a following iptable rule should work
iptables -t nat -A PREROUTING -i bl1 -p tcp --dport 80 -j DNAT --to
127.0.0.1:5948
bl1 is your bluetooth interface
1
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
add a comment |
As you have enable forwarding adding a following iptable rule should work
iptables -t nat -A PREROUTING -i bl1 -p tcp --dport 80 -j DNAT --to
127.0.0.1:5948
bl1 is your bluetooth interface
As you have enable forwarding adding a following iptable rule should work
iptables -t nat -A PREROUTING -i bl1 -p tcp --dport 80 -j DNAT --to
127.0.0.1:5948
bl1 is your bluetooth interface
answered Oct 30 '16 at 6:03
8zero2.ops8zero2.ops
1762
1762
1
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
add a comment |
1
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
1
1
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
iptables in inappropriate. The thread starter is likely using BSD as they referred to pfctl instead of iptables or firewalld. Your answer might well work for Linux, but not for BSD
– soph
Mar 15 at 15:14
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f319734%2fpf-forwarding-all-packets-on-port-80-from-any-interface-to-socks-proxy%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown