[squid-users] Re: transparent proxy on remote box issue

From: WorkingMan <signup_mail2002_at_yahoo.com>
Date: Tue, 29 Oct 2013 16:30:16 +0000 (UTC)

Eliezer Croitoru <eliezer <at> ngtech.co.il> writes:

> Hey,
> I was wondering to myself?
> Why do you intercept traffic using Amazon?
> You should host your proxy close enough to have good response time which
> is ok if Amazon is close enough.
> In order to perform your goal you will need to use the right interfaces
> rules in IPTABLES.
> What are you using on the client machine?
> And also do you expect the squid box to use it's own IP as a src or the
> client IP?
> If you have an example on the IP level I might be able to compose an
> example that should work for you.
> Eliezer

The short answer is I need a transparent proxy (url rewrite and traffic
inspection) behind VPN (going for the security not for speed; cache will not
be used; proxy only).

Amazon VPC - (subnet goes under that CIDR)
VPN client - ex: iphone ( virtual pool)
vpn -
squid - (in practice it would go under and use NAT to
go to WAN but for making this simpler I use the same subnet)

I am not very good with linux networking so I think most of the issue is
with networking and routing.

My first attempt using VPC with this setup ended up with VPN client not able
to access anywhere. I suspect routing was not correct because I can see DNS
request and answer and some traffic going to the web site but there is no
response coming back to the client.

I am using (similar steps in both guides):

I am in the process of re configuring from scratch. If you have sure way of
making this work let me know. basically VPN setup is not an issue but
routing traffic to remote SQUID server and back is something that I am not
able to do successfully.

Received on Tue Oct 29 2013 - 16:30:45 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 30 2013 - 12:00:06 MDT