Re: Iptables Transparent Proxy and Browser on localhost

From: Alex Harsch (infodude_at_gmx.de)
Date: 06/17/04 

Date: Thu, 17 Jun 2004 11:17:16 +0200

Fritz Bayer wrote:

> Hello,
>
> I have written a java http proxy, which accepts http connections on
> the localhost at port 8080 and forwards them to the authority in the
> internet.
>
> I would like the proxy to be transparent so that my browser's requests
> to port 80 are redirected to port 8080 on the localhost.
>
> The proxy then opens a new tcp connection and forwards the result to
> the connection originally established by the browser.
>
> The important thing to notice is that I only have one linux pc, and so
> ALL requests are originating from localhost, and that all connection
> request are having the destination port 80.
>
> I'm looking for a set of iptable rules, that redirect the requests
> from the browser to the proxy BUT that do not redirect any requests of
> the proxy to itself.
>
> So I really need some rules, which can differentiate between HTTP
> connections originating from the browser and the proxy.
>
> Those connections originating from the browser should be forwarded to
> the proxy. Those of the proxy should leave my box and go to the
> internet.
>
> I have googled a lot and read the howtos and the manpages, but I can't
> figure out how to distinguish connections of the browser from the
> proxy's connection requests, since they are all leaving the same
> interface.
>
> Any ideas?
Hello,

why don't you just configure your browser to user a proxy, if you are the
only client anyways? But, you can also work with iptables, which is more
effort of course. The rules should then look like this:
1. everything from your_proxy_port to dport 80 accept
2. everything from high_ports to dport 80 redirect to 8080

Alex

Relevant Pages

  • Re: access only to one external site
    ... > client (that is a browser configured to use a proxy server) requests a web ... > request" (not specific destination set, ...
    (microsoft.public.isa.configuration)
  • Re: Open mail relay surge
    ... (Excuse a slight cross-posting to RESNET-L and Incidents...) ... Originally I had counts for outbound TCP connections for this host from ... I looked for proxy connections made to this host over the same ... to an SMTP port from the inside source that were closed by graceful TCP ...
    (Incidents)
  • Re: New proxies
    ... Tor is the one option for Live 365 listeners who want ... proxy to get online coverage from one of three locations. ... I found that that there were connections from corporate ... networks all over Europe, especially during the final ...
    (comp.security.firewalls)
  • iptables proxy two ips for one host
    ... The transparent proxy, which I have written myself, is bound to the ip ... I would like to forward all http ... connections of my browser to the proxy on the same pc. ...
    (comp.os.linux.networking)
  • Re: Iptables Transparent Proxy and Browser on localhost
    ... >> I have written a java http proxy, ... >> I would like the proxy to be transparent so that my browser's requests ... >> the connection originally established by the browser. ... >> connections originating from the browser and the proxy. ...
    (comp.os.linux.networking)
Loading