similar to: transparent bridge

Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge? Internet – router - (bridge eth0 – eth1) – local lan auto lo iface lo

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

Hi, [sorry for the crosspost, I don''t know whether this is a routing or ebtables problem] I want to redirect all HTTP traffic passing through my bridge to a squid proxy on another machine. However, setting up brouting as suggested in the ebtables examples doesn''t work and the packets get dropped on the floor completely. /\/\/\/\/\/\/\/\ +----------------------+

Still learning Xen, and would like to know if it''s possible to run Squid in D0 when running in bridging mode. I have iptables and ebtables going, and am able to log packets with those, but can''t seem to get any traffic out of the bridge into Squid in D0 (or through iptables in D0, for that matter). Information I''ve gathered so far is that I need

Hi, I tried sending this earlier, but it didn't come through. Apologies if this appers twice on the list. I'm running bridging using the brouter setup described on this page: http://ebtables.sourceforge.net/examples.html "Making a brouter". The setup described there is like this: ifconfig br0 0.0.0.0 ifconfig eth0 172.16.1.1 netmask 255.255.255.0 ifconfig eth1 172.16.2.1

Hi all, This is my first post to this list. I hope someone can help me, I have been getting grey hairs trying to make this work! I have a bridge setup on a debian sarge box. The bridge is called br0 and sits between my cable modem and a non-name brand router/switch: [cable modem]----[eth1]---[br0]----[eth2]-----[no-name brand router] I have squid setup on the linux box and it works, I have

Are you saying that REDIRECT hasn't been or that it has suddenly stopped working? My guess would be that it hasn't been working. Here's why: The REDIRECT target is in the NAT table because it is designed to redirect the port of packets destined for the interface they arrived on. If I understand right your situation is like this: (Users) -----> (eth2) <Bridge (192.168.0.3)>

Hi, Sorry to bother you all. I have a typical problem sharing DSL upstream bandwidth with users. I have 3 types of traffic high-priority, medium-priority and low priority. My upstream rate is 960kbits. Traffic (any priority) can vary in bandwidth from 0 to 960kbits. I have a test setup where I can pump 600kbit of high priority sustained and I have 400kbit of low priority traffic sustained. I

Hello all. I know this does not directly relay to Ethernet bridging but I need some advise... anyone want to give me some info/help on the subject. In the interest of multipath routing I need to know if it is possible to do a one-way arp spoof. Lets start with the machines layout... br1------ADSL br2------cisco router-----serial line. br0-----Internal network. I already have

Hi Rahul, If you're certain that your problem isn't as Stephen suggested, you might want to have a look at this: --- (From http://ebtables.sourceforge.net/brnf-faq.html <http://ebtables.sourceforge.net/brnf-faq.html> ) How do I let vlan-tagged traffic go through a vlan bridge port and the other traffic through a non-vlan bridge port? Suppose eth0 and eth0.15 are ports of br0.

https://bugzilla.netfilter.org/show_bug.cgi?id=1316 Bug ID: 1316 Summary: ebtables-nft support for broute Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: iptables over nftable Assignee: pablo at

I have a server whit 2 interfaces of network, where eth0 is the interfaces connetc to internet and eth1 to the internal network. This server hace a Squid only, but i setting the iptables for protection to the server. Iptables run from script and in this script i setting the redirection for the other server in my internal network to port 80 and 443. I follow the diferent how to and many manual, but

I think I may have fixed my memory leaks, and it may be that it was nothing to do with xen... the machine has been up for 10 days now which is the longest it has lasted in quite a while. I changed the way the bridges and vlans worked together, previously I had it configured thus: trunk = renamed Ethernet interface br0 = bridge of trunk and any domU I wanted on vlan1 br0.2 = vlan 2 on trunk br1 =

Greetings, I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is working fine with the default config. After I decided to use it as a transparent proxy, I added two lines to config: http_proxy 10.0.5.1:3128 transparent, always_direct allow all http_port 10.0.5.1:3128 transparent # # Recommended minimum configuration: # acl manager proto cache_object #acl localhost src

Hi ALL, I want to setup Transpaent Proxy on the box running iptables Firewall. With iptables, I have given below rules. iptables -F INPUT iptables -F OUTPUT iptables -F FORWARD iptables -F -t nat iptables -F -t mangle #Enabling ip forwarding echo "1" > /proc/sys/net/ipv4/ip_forward #enable syn cookies (prevent against the common 'syn flood attack') echo "1"

got it running, really easy !!! I am running shorewall 1.2.12 on a debian stable ! and have a squid as transparent proxy on another machine (debian testing) tried to get this work the hole day: I found this iptables: ------ iptables -t nat -A PREROUTING -i eth0 -s ! $squid_box -p tcp --dport 80 -j DNAT --to $squid_box:3128 iptables -t nat -A POSTROUTING -o eth0

Hi, I just setup a very basic HTTP proxy with Squid on a router running CentOS 7. Up until early 2020 I've been using a bone-headed shell script with iptables to configure my firewall. But I decided to follow advice from a few gurus on this list, and I've since moved my configurations to FirewallD, which works nicely. There's one configuration left to tackle, that's port

I have posted this question to the netfilter mailing list along with #ebtables, #iptables, and #netfilter. Nobody has really responded, so I''m led to believe that it is either incredibly complicated or *really* simple. Please, somebody throw me a bone here! Ok, on with the show... I have a bridge (br0) with two interfaces (eth1 and eth2). Neither br0, eth1, or eth2 have an

Hi Srs I have a linux like a bridge LAN - BRIGE -ROUTER The bridge has a ip ( non public IP) The bridge is working fine but y need to set up the Squid on the same machine where is installed the BRIDGE. I was looking for the answers and say: httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on and put this rules with iptables

I've managed to configure a LVS Cluster to act as a transparent proxy squid farm, with a virtual server as load balancer, and three real servers. Because redirecting packets going to port 80 to port 3128 of squid in the load balancer doesn't works, the solution has a mix of ip route and iptables. Here is the script I wrote to configure transparent proxy. #!/bin/bash #Transparent proxy