Error Transparent Proxy with < iptables -v -n --list !

[sothy]

Dear every body

i have problem with transparent proxy that befor time every with transparent proxy it working fine but when i reinstall machin it have problem with command :

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
 
but when i go to see on iptable -v -n --list it dosen't have command that i typed befor ..........so could you tell me how shout i do with thos command .

Happy when you reply back

Best Regard

sothy.sorn

[ronaldjayr_jover]

Sir check your /etc/sysctl.conf and check if your ipforwarding is = 1.

Thanks

[sothy]

Dear sir
 i have doned it already , that i chang on :

linux:/proc/sys/net/ipv4 # less ip_forward

1


it show 1 but still the same when i type command for use transparent it dose't record or i dont see any thing when i typ command for check it :
linu
Ex :

linux:/ # iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128


linux:/ # iptables -v -n --list
Chain INPUT (policy ACCEPT 148 packets, 60842 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 178 packets, 60031 bytes)
 pkts bytes target     prot opt in     out     source               destination

so it make my transparent proxy can't work ..................


Thank You for your time

[gauravbajaj]

ok..First of all send me the ouput of

#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128

does it shows any error message or it is executed fine?

if it doesn't show any message , then check ur logs in squid..Tell wheather clients are using squid proxy....

If it uses then its ok , if not then just convert  PREROUTING to POSTROUTING

in above command ..
After that i hope it will work

Cheers
Gaurav

[sothy]

Dear sir

i dont know clearly what you mean but i have some thing to tell you again about my problem that ::

know why all my machin i mean three
machin that use suse the same that why when i use script for use
transparent proxy :

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

 And when i want to show it :

linux:/ # iptables -v -n --list

Chain INPUT (policy ACCEPT 126K packets, 70M bytes)
 pkts bytes target     prot opt in     out     source  destination

Chain FORWARD (policy ACCEPT 17 packets, 1124 bytes)
 pkts bytes target     prot opt in     out     source  destination

Chain OUTPUT (policy ACCEPT 111K packets, 73M bytes)
 pkts bytes target     prot opt in     out     source  destination

And about
linux:/proc/sys/net/ipv4 # less ip_forward
1
so i try to find the reason be my self but i you hade ever meet this problem
could you tell me how can i do with this ?

Thank You for your reply back

[gauravbajaj]

I can't get you

It seems that , u want to configure TRANSPARENT PROXY IN SUSE, for that u  have to make changes only in SuSEfirewall2 file..,

Gaurav

[sothy]

Yes i realy want to install transparent proxy on suse and about my Susefirewall i all so disaball already :

linux:~ # /etc/init.d/SuSEfirewall2_final stop
linux:~ # /etc/init.d/SuSEfirewall2_init stop
linux:~ # /etc/init.d/SuSEfirewall2_setup stop
Shutting down the Firewall (and disabling routing)                   done


so how can i do with this ? ....................

[gauravbajaj]

Its not so difficult....
 just follow this link

http://www-uxsup.csx.cam.ac.uk/pub/doc/suse/suse9.3/suselinux-adminguide_en/sec.squid.proxyconfigtrans.html

I have already setup the Transparent PROXY in my company..Its sucessfully running
Gaurav

[sothy]

Sorry Sir i dont know you understand what my problem ornot . but how ever i just want to tell you that befor time i all have ever done Transprent Proxy work already but just a vew day i have problem with electric that make my server linux it reboot and when i start squid agian it working fine but when i want to use transprent proxy i can't that befor time when i use script for run transprent proxy it working fine and we can see the record command when we type ( # iptanbles -v -n --list ) we will see the scripts that we type but now when i typ scripts the same scripts befor i did't see any thing that when i type the command ( # iptables -v -n --list ) . i hope my explain every thing make you understand it .......Thank you foryou time that help me ....................

sothy

[gadekishore]

#
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

# service iptables save
check in /etc/sysconfig/iptables

u can see already the mentioned tables is saved

[gadekishore]

[root@station22 root]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
                                                                                                                             
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
                                                                                                                             
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@station22 root]#

you can check here iptables -L command is showing only out put of input and forward and output chains only.............but we are doing prerouting.......

iam not that much sure ....you can ask some other

[sothy]

Dear sir it the result that you tell me but i dont see iptables in /etc/sysconfigure :

linux:/ # /etc/sysconfig/
daemons    hardware   isdn       network    powersave  scripts
linux:/ # cd /etc/sysconfig/
linux:/etc/sysconfig # ls
.              backup        cron            hardware  kernel    mouse              powersave  sendmail    windowmanager
..             boot          cups            hotplug   keyboard  network            proxy      sound       xntp
SuSEfirewall2  bootloader    daemons         ide       language  news               saslauthd  ssh         ypbind
apache         bootsplash    displaymanager  isdn      ldap      nfs                sax        suseconfig
apache2        bzflagserver  dump            ispell    lirc      onlineupdate       scripts    susehelp
autofs         clock         esound          java      mail      personal-firewall  scsidev    sysctl
autoinstall    console       fonts-config    joystick  mdadm     postfix            security   syslog
linux:/etc/sysconfig #can't fine iptables

so what the matter with my machin ?

[sothy]

Dear sir

i have alredy done it about what to see my script by useing command :

iptables -L or iptables -v -n --list but the results still the same so i dont know why every scripts that i type befor it doesn't see any thing it just ;

linux:/ # iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
linux:/ #

it still the same why it can't save or record my scripts ..................

[gadekishore]

Hello sothy

not /etc/sysconfig............... please check in /etc/sysconfig/iptables............here you can view the saved tables

[gadekishore]

vi /etc/sysconfig/iptables..........in redhat  enterprise linux or fedora or redhat linux having the same file vi  /etc/sysconfig/iptables...

after verification please let me know
kishore