Last active
March 22, 2018 16:43
-
-
Save GeoffWilliams/a65d09cab22f7a5e289e to your computer and use it in GitHub Desktop.
transparent proxy rules for openwrt and squid
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Shell commands to run on router to enable transparent proxying | |
# | |
uci add firewall redirect | |
uci set firewall.@redirect[0].name='Transparent Proxy Redirect' | |
uci set firewall.@redirect[0].src=lan | |
uci set firewall.@redirect[0].proto=tcp | |
uci set firewall.@redirect[0].dest_port=3128 | |
uci set firewall.@redirect[0].src_dport=80 | |
uci set firewall.@redirect[0].src_dip='!192.168.15.1' | |
uci set firewall.@redirect[0].dest_ip=192.168.15.1 | |
uci set firewall.@redirect[0].target='DNAT' | |
uci commit firewall | |
/etc/init.d/firewall restart |
settings = FAIL
Hi!
Would you tell me why did you change from .src=lan
to .src=wan
and why .src_dip
instead of .src_ip
?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You are probably overriding the first redirect route of your router. Either do this (notice the -1, it's basically targeting the last rule you added)
or with a unique identifier, because deleting the first rule via commandline is cumbersome and can caus unwanted effects. I'd rather do this: