Configure Transparent Proxy

From Secure Web Gateway
Revision as of 15:36, 24 July 2021 by Manish (talk | contribs) (1 revision imported: Importing all pages)

If you did not deploy the SafeSquid go through this page - Getting Started

If you already deployed the SafeSquid then follow the below steps

Redirect traffic from Port 80 and 443 to 8080 and 8443 respectively

STEP 1: To forward requests for all destination ports

  • Enable forwarding in /etc/sysctl.conf, by changing
net.ipv4.ip_forward=0 >> net.ipv4.ip_forward=1
  • To reload run
sysctl -p
  • To flush the iptables rules
iptables -F -t nat

STEP 2: Redirect traffic

  • Now to redirect requests for port 80 to 8080, Run
iptables -A PREROUTING -t nat -s 192.168.0.0/16 -p tcp --dport 80 -j REDIRECT --to 8080
  • Now to redirect requests for port 443 to 8443, Run (for SSL transparent proxy)
iptables -A PREROUTING -t nat -s 192.168.0.0/16 -p tcp --dport 443 -j REDIRECT --to 8443

STEP 3: Finally, to save IP table

apt-get install iptables-persistent
iptables-save >> /etc/iptables/rules.v4

Note : Redirection policies will not flush even you reboot proxy server.

Access the SafeSquid interface

Go to Configure Page

Transparent Proxy.png
 
Slide3.png

Enable policy from Network settings

 

 

Slide4.png

Restart SafeSquid Service

Restart the SafeSquid Service from Interface

Remove Proxy settings from browser

 
Slide5.png

 

 
Slide7.png

 

 
Slide8.png

 

 
Slide9.png

Configure Network

 
Slide10.png

 

 
Slide11.png

 

 
Slide12.png

 

 
Slide13.png

Open network and share center and  go to "Local area connection" as shown (In our case Proxy IP:192.168.221.222)

 
Slide14.png

Now you can access all the HTTP and HTTPS websites successfully without setting proxy inside browser.