Hello All,
I have been using CentOS 6 for this feature in the past but I am interested in getting CentOS 7 up and running. I have Squid Proxy installed and configured properly and if I point the web browsers on my clients to the proxy it works just fine. But when I attempt to do this transparently by pointing the traffic from my switch to the proxy it doesn't work. It looks as if it is denying the traffic. In the past when I had an issue like this it was a configuration error in the IP tables. The way I used to fix the issue is no longer working however. Was hoping that someone could shed some light on how to make this happen. Thanks!
Transparent Proxy
Re: Transparent Proxy
CentOS 7 uses firewalld by default. Did you set it up to use iptables.service instead?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 3
- Joined: 2014/11/26 19:34:19
Re: Transparent Proxy
Yea I tried to use the iptables Service. Should I be using the Firewalld? Are the commands similar?
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Re: Transparent Proxy
CentOS 7 is a BIG change from CentOS 6.
You really need to read the documentation.
https://access.redhat.com/documentation ... ise_Linux/
-
- Posts: 3
- Joined: 2014/11/26 19:34:19
Re: Transparent Proxy
Ok, I was finally able to get it all working after reading up on firewalld. Thank you gerald_clark for pointing me in the right direction. Just in case anyone is interested I was able to get this working by using the following commands:
firewall-cmd --zone=internal --add-masquerade --permanent
firewall-cmd --zone=external --add-masquerade --permanent
firewall-cmd --zone=internal --add-forward-port=port=443:proto=tcp:toaddr=10.0.0.1:toport=3127 --permanent
firewall-cmd --zone=internal --add-forward-port=port=80:proto=tcp:toaddr=10.0.0.1:toport=3126 --permanent
firewall-cmd --zone=external --add-forward-port=port=80:proto=tcp:toport=3126 --permanent
firewall-cmd --zone=external --add-forward-port=port=443:proto=tcp:toport=3127 --permanent
firewall-cmd --reload
And I followed the following guide to set everything up before that point: http://docs.diladele.com/tutorials/tran ... index.html
Thanks again all and I hope this helps the next person who comes along.
Bradley Bishop @ Education at Work
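Added example, not part of the original posts: a shell check that the forward-port rules from the post above are actually present in a zone, using the rule lines printed by `firewall-cmd --zone=ZONE --list-forward-ports`. The function names and the sample output are constructed for illustration, and IPv4 `toaddr` values are assumed.

```shell
#!/usr/bin/env bash
# field RULE KEY: print the value of KEY in one colon-separated rule line,
# e.g. port=80:proto=tcp:toport=3126:toaddr=10.0.0.1 (IPv4 toaddr assumed).
field() {
    local rule="$1" key="$2" part
    local IFS=':'
    for part in $rule; do
        if [ "${part%%=*}" = "$key" ]; then
            printf '%s' "${part#*=}"
        fi
    done
    return 0
}

# has_forward RULES PORT PROTO TOPORT TOADDR: succeed if a matching rule exists.
# Field order inside a rule line does not matter; an empty TOADDR means
# "redirect to a local port", as in the external-zone commands in the post.
has_forward() {
    local rules="$1" port="$2" proto="$3" toport="$4" toaddr="$5" line
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        if [ "$(field "$line" port)" = "$port" ] &&
           [ "$(field "$line" proto)" = "$proto" ] &&
           [ "$(field "$line" toport)" = "$toport" ] &&
           [ "$(field "$line" toaddr)" = "$toaddr" ]; then
            return 0
        fi
    done <<EOF
$rules
EOF
    return 1
}

# missing_rules RULES TOADDR: print each Squid redirect from the post
# (80->3126, 443->3127) that is absent from RULES.
missing_rules() {
    local rules="$1" toaddr="$2" pair
    for pair in 80:3126 443:3127; do
        has_forward "$rules" "${pair%%:*}" tcp "${pair##*:}" "$toaddr" ||
            printf '%s->%s\n' "${pair%%:*}" "${pair##*:}"
    done
}

# Constructed sample output (not captured from a real host). On a live system use
# "$(firewall-cmd --permanent --zone=internal --list-forward-ports)" instead.
SAMPLE_INTERNAL='port=443:proto=tcp:toport=3127:toaddr=10.0.0.1
port=80:proto=tcp:toport=3126:toaddr=10.0.0.1'
SAMPLE_EXTERNAL='port=80:proto=tcp:toport=3126:toaddr='   # 443 rule deliberately absent

echo "internal missing: $(missing_rules "$SAMPLE_INTERNAL" 10.0.0.1)"
echo "external missing: $(missing_rules "$SAMPLE_EXTERNAL" '')"
```

Running the check against both the `--permanent` listing and the runtime listing (without `--permanent`) shows whether `firewall-cmd --reload` has been applied, since permanent rules do not take effect until a reload.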