Saturday, July 7, 2012

Transparent proxy Setup


I don't know whether it is a certified terminology or not, but the system which is famous as transparent proxy is very interesting. If u don't want to annoy your clients for the proxy updates like port change server address change. Here in this configuration the user will acess through a proxy without any configuration (its not about auto proxy file or auto proxy protocol). Although auto proxy gives the same thing but in that case you have to configure the DNS also.

  The main hack used here is the packet redirection. All the http packets coming to the Router is redirected to the proxy port of the server.

Redirect the all HTTP traffic (Editing iptables of router)
If you would like to redirect the all HTTP traffic through the proxy without needing to set up a proxy manually in all your applications you will need to add some rules

iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

Where eth1,eth0 are the LAN, WAN devices and 192.168.0.1 is the IP address of your LAN device.

I guess  this is enough for geeks, rest of the things are easy but this will block all other ports like ftp smtp pop, so you have to configure for all these ports also.




1 comment:

  1. The information on this blog is very useful and very interesting. If someone needs to know about the just click.
    access Bee MP3 in UK

    ReplyDelete