Menu
What's new
By:
Filters Better Search

transparent proxy squid

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

First thought is to set a forward rule in the GUI (WAN->Port Forwarding).

Also a little more detail would help.
 
thank you. i want to redirect http traffic to transparent proxy on 192.168.0.15:7766. tried with prerouting on iptables w/o success..
 
From the WAN? Using the port forwarding section I referred to will do the job.
 
Ahh, gotcha.
 
Assuming you are using squid as a reverse proxy of sorts for web traffic, add the squid server fqdn name and address in /jffs/configs/hosts.add file and restart dnsmasq.
 
jamesbo said:
no just local traffic. i am not interested in rev proxy just squid cache for my lan.
Click to expand...
As most web traffic is HTTPS you will get certificate errors if you simply try to redirect traffic to squid. You need to set the proxy details in the clients' browser settings. That might be possible by using WPAD but that is disabled by default in the router's DHCP server.
 
jamesbo said:
thank you. i want to redirect http traffic to transparent proxy on 192.168.0.15:7766. tried with prerouting on iptables w/o success..
Click to expand...
Old school idea.
It was good when everything was http.
Now everything is https, so It won't easily work.
I suggest to abandon the idea and configure the clients to use your proxy.
If you really want to do it you need something like this:
  1. Client starts HTTPS session
  2. Proxy transparently intercepts the connection and returns an ad-hoc generated certificate X, signed by a certificate authority that is unconditionally trusted by the client.
  3. Proxy starts HTTPS session to target
  4. Proxy verifies integrity of SSL certificate; displays error if the cert is not valid.
  5. Proxy streams content, decrypts it and re-encrypts it with X
  6. Client displays stuff.
To achieve it you need something like this: http://wiki.squid-cache.org/Features/SslBump
 
Last edited:
Sorry, yeah, I have been using reverse proxies so much lately that it totally went by me that you were setting up a foreward proxy. Sorry about the confusuion that I have caused.

Curious though, is your squid server located on the router (entware) or another machne? Looking at the documentation for squid, the iptables rules to redirect incoming port 80/443 traffic to the squid ports is done on the same machine that is running squid. That makes sense to me.
 
You must log in or register to reply here.

Similar threads

P
Any usefulness for Skynet + pfsense/opnsense in transparent bridge mode?
Replies
12
Views
344
coxhaus
C
E
Internal Asus router IP redirecting to asusrouter.com
Replies
15
Views
1K
Ellenswamy
E
B
Firewall lan - vpn?
Replies
0
Views
279
blast
B
E
Web proxy running locally on ASUS Router
Replies
2
Views
445
glens
G
H
Any Risk In Adding Second IP Address To br0 Interface?
Replies
3
Views
586
drinkingbird
drinkingbird
Similar threads
Thread starter Title Forum Replies Date
E Web proxy running locally on ASUS Router Asuswrt-Merlin 2
RAH-66 curl proxy? Asuswrt-Merlin 4
H Create Proxy to VPN Connection? Asuswrt-Merlin 12
S VPN Fusion cannot implement DNS proxy Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,004 (members: 20, guests: 984)
Top