January 6, 2020 4:48 PM, "Mike C." <[email protected]> wrote:
>> I've implemented the following command: >>> iptables -t nat -A PREROUTING -i eth0 -s 192.168.254.0/24 --dport 80 -j >>> REDIRECT --to-port 3128 >> >> I can use the proxy by explicitly setting it in firefox, but the >> transparent feature is a no go. > > You want to use "tproxy" instead of "redirect" because "redirect" modifies > the destination address of the packet. Which is probably why it doesn't > work for you. > > e.g. > > # iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY \ > > --tproxy-mark 0x1/0x1 --on-port 50080 > > More info here - > https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/tree/Documentation/networking/tp > oxy.txt > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug I've added the TPROXY rule to the mangle table, but I think I have to do something else... I am still having to explicitly set a proxy to get out, maybe I'm not marking packets or maybe I need to policy route? _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
