I've set up a transparent proxy with squid
listening on 8080(http) 8443(https), and it works.
In addition, I set the iptables to redirect the request.
iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A PREROUTING -i wlan0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
If I set up an explicit proxy to replace squid, http still works, but https doesn't work (https proxy performs a MITM, and I trust the certificate).
I want to know the difference between using iptables REDIRECT and setting browser's proxy explicitly. Does the proxy process it somehow differently?
Best Answer
How proxies work
How a transparent proxy works
The browser thinks it is talking to the web server, and the proxy intercepts this traffic, and performs whatever tasks it needs to.
How an explicit proxy works
The browser knows it is talking to a proxy, and asks the proxy to load up the site that it wants to load instead.
Benefits of each type
Transparent
Explicit