Wired Networks Thread, linux router to connect kindle to proxy server in Technical; Common probably and I'm sure I've solved this before at another school but for the life of me can't figure ...
2nd February 2012, 10:27 AM #1
linux router to connect kindle to proxy server
Common probably and I'm sure I've solved this before at another school but for the life of me can't figure it out this time!
We have a private IP range routed on to our County's larger private IP range. Web request go through an onsite proxy server on port 1080 and are then forwarded to another Countywide proxy server before reaching the wider Internet.
We are looking at investing in either Kindles or Android tablets and are having problems with entering proxy settings, or the lack of support for these settings.
So the solution is to set up a router on our network to route traffic from a new private range onto our existing private range and in the process transparently redirect port 80 requests to our proxy server.
Hopefully that makes sense.
Here's what I've done:
Set up a Hyper-V virtual machine with two NICs and installed CentOS 6.1 i386 minimal. Eth0 is on our existing range (10.96.22.100) and eth1 is on the new range (172.16.20.1)
Here are router setting's I've tried:
On the Kindle, the Android tab and my iPhone I've tried the following settings
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat --flush
iptables -t nat --delete-chains
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 10.96.22.5:1080
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables
service iptables stop
service iptables start
chkconfig iptables on
service iptables status
Can anyone point me in the right direction to get this working?
Static IP: 172.16.20.5
IDG Tech News
2nd February 2012, 12:36 PM #2
Not sure if this helps but
the iptables transparency command we use is
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
but what we've done is make a separate transparent proxy that handles guest wireless and everything: iptables, squid, dns, dhcp is on one box so it's an isolated system. the two lan cards one is vlan for guest wireless, the other plugs into the router than connects to county.
Thanks to browolf from:
tmcd0035 (2nd February 2012)
2nd February 2012, 12:48 PM #3
The problem with that is it redirects the port but there is no mention of where the proxy server is.
Originally Posted by browolf
can i do something like
REDIRECT --to 10.96.22.5 --to-ports 1080
I can't help feeling I'm missing something obvious in my original script.
2nd February 2012, 01:14 PM #4
In our case it assumes the proxy is on the same machine. which is it.
if we had the proxy on another machine we'd do it in the form
iptables -t nat -A PREROUTING -p PROTO -d DEST_IP --dport DEST_PORT
-j REDIRECT --to-ports LOCAL_PORTS
this page looks relevant to your issues: http://www.karlrupp.net/en/computer/nat_tutorial
i'd forget the transparency to begin with and get it working with a laptop
Last edited by browolf; 2nd February 2012 at 01:22 PM.
By sharkster in forum How do you do....it?
Last Post: 2nd November 2009, 03:00 PM
By Tony_Mc in forum Office Software
Last Post: 26th January 2009, 03:38 PM
By TechSupp in forum *nix
Last Post: 15th December 2008, 12:06 PM
By nawbus in forum Network and Classroom Management
Last Post: 11th July 2008, 01:48 PM
Last Post: 27th February 2008, 02:42 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)