[lug] Transparent proxy on localhost

Michael Hirsch mdhirsch at gmail.com
Tue Aug 21 15:19:28 MDT 2007


On 8/21/07, Zan Lynx <zlynx at acm.org> wrote:
> On Mon, 2007-08-20 at 22:31 -0600, Michael Hirsch wrote:
> > I'm trying to set up a transparent proxy on localhost.  (I'm trying to
> > filter my kids' web browsing.)  I have the proxy all setup and
> > working, but I can't figure out how to get it to happen transparently.
> >  Here's what I've tried:
> [snip]
> > iptables -t nat -i lo -A PREROUTING -p tcp --dport 80 -j LOG
> > iptables -t nat -i lo -A PREROUTING -p tcp --dport 80 -j REDIRECT
> > --to-ports 8080
> >
> > but there's no change in behavior.  The web connection is unfiltered.
> >
> > What am I doing wrong?
>
> Try the nat OUTPUT chain instead.  Connections from the local machine
> are handled specially in both the nat and filter tables.

Thanks.  I'll try that.

Michael



More information about the LUG mailing list