Get all HTTP traffic with a proxy

Tags: cisco-asa, proxy

I’d like to set up a proxy server that gets all HTTP traffic on my network. I am thinking of using Squid installed on Debian.

Below the network diagram:

[Image: network diagram]

I don’t want to set up a proxy server on my LAN because I can’t configure a proxy server on each computer.

Can someone tell me what’s the best way to do this?

Best Answer

Your best bet is to set up Squid in transparent mode, but your network diagram would change, as the proxy server would do NAT, which would replace your Cisco as a router too. (And while at it, why not remove your ISP router so you don't double NAT? If someday you want to create a VPN, you can't with double NAT.)

See a tutorial here: http://xmodulo.com/squid-transparent-web-proxy-centos-rhel.html

Here is a bit of detail from the tutorial that shows how he did it:

Squid Installation

To set up a transparent proxy with Squid, we start by adding necessary iptables rules. These rules should help you get started, but please make sure that they do not conflict with any of the existing configuration.

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

The first rule will cause all outbound packets from eth1 (WAN interface) to have the source IP address of eth1 (i.e., enable NAT). The second rule will redirect all incoming HTTP packets (destined to TCP 80) from eth0 (LAN interface) to the Squid listening port (TCP 3128), instead of forwarding them out to the WAN interface right away.
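
The two rules quoted above, wrapped in an idempotent script with input validation, as an added example that is not part of the answer or the tutorial. The function names are hypothetical, eth0/eth1 and port 3128 are the values from the answer, and the mangle-table DROP rule is an addition that keeps LAN clients from connecting to the intercept port directly.

```shell
#!/bin/sh
# Added example (not from the answer or the tutorial). Assumes squid.conf has
# "http_port 3128 intercept" (Squid 3.1+; older releases call it "transparent").

# valid_if NAME: succeeds if NAME is a plausible Linux interface name
valid_if() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# valid_port N: succeeds if N is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules LAN_IF WAN_IF SQUID_PORT: prints one iptables rule spec per line
gen_rules() {
    { valid_if "$1" && valid_if "$2" && valid_port "$3"; } || return 2
    # The two rules from the answer: NAT on the WAN side, redirect LAN HTTP
    echo "-t nat -A POSTROUTING -o $2 -j MASQUERADE"
    echo "-t nat -A PREROUTING -i $1 -p tcp --dport 80 -j REDIRECT --to-port $3"
    # Hardening: mangle is evaluated before nat, so redirected flows still show
    # dport 80 here; only clients dialing the intercept port directly are dropped
    echo "-t mangle -A PREROUTING -i $1 -p tcp --dport $3 -j DROP"
}

# apply_rules LAN_IF WAN_IF SQUID_PORT: run as root; skips rules already present
apply_rules() {
    rules=$(gen_rules "$@") || return 2
    sysctl -w net.ipv4.ip_forward=1 >/dev/null || return 1
    echo "$rules" | while read -r spec; do
        check=$(echo "$spec" | sed 's/ -A / -C /')
        # Unquoted on purpose: each spec must split into separate arguments
        iptables $check 2>/dev/null || iptables $spec || exit 1
    done
}

# Usage (as root on the gateway): apply_rules eth0 eth1 3128
```

These rules only capture plain HTTP on TCP 80; HTTPS on port 443 is forwarded and NATed without passing through Squid.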