[lug] Transparent proxy on localhost
Michael Hirsch
mdhirsch at gmail.com
Mon Aug 20 22:31:16 MDT 2007
I'm trying to set up a transparent proxy on localhost. (I'm trying to
filter my kids' web browsing.) I have the proxy all setup and
working, but I can't figure out how to get it to happen transparently.
Here's what I've tried:
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
#Clean things out:
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
#setup up transparent proxy
iptables -t nat -A PREROUTING -p tcp --dport 80 -j LOG
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
This is what googling gives me as the proper command, but it doesn't
do anything. Actually, it does. If I connect from another computer I
can see the LOG command get hit, but if I run the browser on
localhost, it does nothing.
I'm guessing that I need to do something special to get it to work on
the localhost rather than an external connection. I tried:
iptables -t nat -i lo -A PREROUTING -p tcp --dport 80 -j LOG
iptables -t nat -i lo -A PREROUTING -p tcp --dport 80 -j REDIRECT
--to-ports 8080
but there's no change in behavior. The web connection is unfiltered.
What am I doing wrong?
Thanks,
Michael
More information about the LUG
mailing list