How to forward ports from the internal network to the external network on a gateway with squid?

J

Joseph_Karven2015-10-22 15:05:40

linux

Joseph_Karven, 2015-10-22 15:05:40

Good afternoon!
There is an internal network. Comp (linux) with 2 network interfaces as a gateway. The question is how to configure squid so that it would take a packet from the 80th port of the internal network, run it according to the specified filtering rules and send it to the external network.
As I understand it
, the first: you need to redirect from the internal 80th port to the squid port (3128), the
second: after running through the filter, send the packet to the external 80th port.
It is with the latter that the difficulties arise. Should this redirect rule be set in the squid config or in iptables?
And where are the packets sent after filtering?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

R

Ruslan Fedoseev, 2015-10-22
@martin74ua

squid transparent proxy
is what you want called.
look, instructions are full

A

Alex, 2015-10-22
@OXDemager

I understand that you just need to wrap traffic to squid, i.e. make a transparent proxy. This is done using DNAT Iptables: iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination gateway_ip:3128 Specify in the
Squid config: http_port 3128 intercept.

Y

Yuri Yusupbaev, 2015-10-23
@hostraid

1) turn traffic to chain-dstnat proxy src.address your local ip with squid protocol 6(tcp) dst port 80 action accept
2) redirect all traffic to chain-dstnat protocol 6(tcp) dst port 80 action dstnat to address (ip proxy) port 3128