How to wrap traffic on privoxy on the gateway?

D

Dmitry Vyatkin2015-01-21 06:53:19

linux

Dmitry Vyatkin, 2015-01-21 06:53:19

I'm trying to wrap traffic on privoxy with the rule iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8118. There is one client connected to the gateway at a static ip address, the Internet is distributed via SNAT, the Internet works before the rule is applied, there are no rules in the iptables filter table, the machines run on VirtualBox, both are running debian. What needs to be done so that traffic from the local network passes through privoxy?
privoxy config
# Generally, this file goes in /etc/privoxy/config
#
# Tor listens as a SOCKS4a proxy here:
forward-socks4a / 127.0.0.1:9050 .
confdir /etc/privoxy
logdir /var/log/privoxy
# actionsfile standard # Internal purpose, recommended
actionsfile default.action # Main actions file
actionsfile user.action # User customizations
filterfile default.filter
# Don't log interesting things, only startup messages, warnings and errors
logfile logfile
#jarfile jarfile
#debug 0 # show each GET/POST/CONNECT request
debug 4096 # Startup banner and warnings
debug 8192 # Errors - *we highly recommended enabling this*
user-manual /usr/share/doc/privoxy/user-manual
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 0
enable-edit-actions 0
enable-remote-http-toggle 0
buffer-limit 4096
accept-intercepted-requests 1

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Dmitry Pavlov, 2015-01-29
@Dimonyga

replace listen-address 127.0.0.1:8118
with listen-address *:8118
otherwise nothing will work.
Next - see the PREROUTING rule chain, in extreme cases, add the rule like this:
iptables -t nat -I PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8118
This will put the rule first in the chain.