Iptables – forward from port 80 to Squid on port 3128 problem

Tags: iptables, squid

I have two boxes: 172.16.1.224 and 172.16.1.223.

Both are running Squid. I connect my browser to x.x.x.224, port 3128 using Firefox proxy settings. That works fine. If I connect my browser to x.x.x.223:3128 using Firefox proxy settings, it works fine.

Now, I'm trying to bridge the two boxes, such that when I connect to x.x.x.224:3124 using Firefox proxy settings, traffic gets routed to x.x.x.223 and then on to the web.

Any ideas on how I might do this? I'm struggling with iptables.

Many thanks in advance,

Best Answer

That should do it:

iptables -t nat -A PREROUTING -p tcp -d x.x.x.224 --dport 3124 -j DNAT --to-destination x.x.x.223:3128

Furthermore, if you don't already have another masquerading rule, you need:

iptables -t nat -A POSTROUTING -p tcp -d x.x.x.223 --dport 3128 -j SNAT --to-source x.x.x.224

If you do this, you don't need to have Squid running on .224, only on .223. But why can't you let clients connect to .223 directly?
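
The relay described in the answer above, as an added example that is not part of the original answer: a script that validates its inputs and prints the full rule set, including the IP forwarding switch and FORWARD rules that DNAT to a second host depends on. The client subnet 172.16.1.0/24 and the function names are assumptions; the addresses and ports are the ones from the question.

```shell
#!/bin/sh
# Added example: PRINTS the relay rules; review them, then pipe to `sh` as root.
# The client subnet argument is an assumption, not a value from the page.

valid_ip() {   # dotted-quad IPv4, each octet 0-255
    echo "$1" | awk -F. 'NF==4 { for (i=1;i<=4;i++) if ($i !~ /^[0-9]+$/ || $i>255) exit 1; exit 0 }
                         { exit 1 }'
}

valid_port() {   # decimal TCP port 1-65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

emit_rules() {   # emit_rules FRONT_IP FRONT_PORT BACK_IP BACK_PORT CLIENT_CIDR
    front=$1 fport=$2 back=$3 bport=$4 clients=$5
    valid_ip "$front" && valid_ip "$back" || { echo "bad address" >&2; return 1; }
    valid_port "$fport" && valid_port "$bport" || { echo "bad port" >&2; return 1; }
    # The subnet is interpolated into commands: allow only digits, dots and a slash.
    case "$clients" in ''|*[!0-9./]*) echo "bad client subnet" >&2; return 1 ;; esac
    # FORWARD sees packets after DNAT and before SNAT, so the destination is
    # already the back-end proxy while the source is still the real client.
    # Limiting every rule to the client subnet keeps the relay from
    # forwarding proxy traffic for arbitrary sources.
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp -s $clients -d $front --dport $fport -j DNAT --to-destination $back:$bport
iptables -A FORWARD -p tcp -s $clients -d $back --dport $bport -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -p tcp -s $back --sport $bport -d $clients -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp -s $clients -d $back --dport $bport -j SNAT --to-source $front
EOF
}

# Values from the question; the /24 client subnet is assumed.
emit_rules 172.16.1.224 3124 172.16.1.223 3128 172.16.1.0/24
```

Because of the SNAT rule, Squid on the back-end host logs and ACL-matches every request as coming from the relay address, so the source restriction on the relay is where per-client access control has to happen.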