Old 02-29-2024, 02:48 AM   #1
dalacor
Member
 
Registered: Feb 2019
Distribution: Slackware
Posts: 170

Rep: Reputation: Disabled
How to redirect local port 80/443 traffic for other users on same machine


This should be simple, but I can't see how you actually achieve this.

I have E2guardian Proxy Server installed on Slackware. I have transparent and explicit proxy set up in the firewall rules as follows:

Code:
# TCP Ports 80 and 443 Transparent Proxy redirect to E2guardian Proxy Server

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 8081
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 443 -j REDIRECT --to-ports 8443

# TCP Port 80 Linux and E2guardian HTTP Internet Access

iptables -A OUTPUT -o eth0 -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT

# TCP Port 443 Linux and E2guardian HTTPS Internet Access

iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT

# TCP Port 8081 E2guardian Explicit Internet Access - No transparent Proxy

iptables -A INPUT -i eth1 -p tcp --dport 8081 -m conntrack --ctstate NEW -j ACCEPT

# TCP Port 8443 Transparent Proxy through E2guardian

iptables -A INPUT -i eth1 -p tcp --dport 8443 -m conntrack --ctstate NEW -j ACCEPT

So all traffic on the internal LAN connects to the proxy server either explicitly using port 8081 or transparently using port 8443. E2guardian proxy server is able to connect to the Internet on the allowed outbound ports 80/443. So the computers behind the proxy server are filtered perfectly.

The problem is that the Slackware system that E2guardian itself is installed on is not going through the proxy server, so I can't see what websites the Slackware system itself connects to!

I know that I need to change the code below:

Code:
# TCP Port 80 Linux and E2guardian HTTP Internet Access

iptables -A OUTPUT -o eth0 -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT

# TCP Port 443 Linux and E2guardian HTTPS Internet Access

iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT

to use this so as to only allow the user e2guardian to connect to the Internet:

Code:
# TCP Port 80 Linux and E2guardian HTTP Internet Access

iptables -A OUTPUT -o eth0 -p tcp --dport 80 -m owner --uid-owner e2guardian -m conntrack --ctstate NEW -j ACCEPT

# TCP Port 443 Linux and E2guardian HTTPS Internet Access

iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m owner --uid-owner e2guardian -m conntrack --ctstate NEW -j ACCEPT

So restricting internet out access to E2guardian is simple. But I still can't see how to redirect port 80/443 traffic from other users on the same Slackware system to go to the E2guardian service itself. Prerouting is not right as the traffic is already on Slackware - not coming into the network interface.

I am sure it's very simple, but I can't see what one does to redirect other users' internet traffic to the proxy service on the same machine.
 
Old 03-12-2024, 05:14 AM   #2
dalacor
Member
 
Registered: Feb 2019
Distribution: Slackware
Posts: 170

Original Poster
Rep: Reputation: Disabled
I am closing this question as I have managed to solve the issue. Solution is posted - https://www.linuxquestions.org/quest...ne-4175734340/
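
One way to do what the first post asks, shown as an added example (it is not the poster's code and not the solution from the linked thread): locally generated packets traverse the nat OUTPUT chain rather than PREROUTING, so the redirect goes there, with the proxy's own user exempted. The interface, user and ports are taken from the thread; the function and variable names are hypothetical, and the loopback ACCEPT rules assume the filter chains drop by default.

```shell
#!/bin/sh
# Added example: emit nat/filter rules that push local users' web traffic
# through a proxy running on the same host. Prints by default; --apply runs them.
# Values assumed from the thread: eth0 is the WAN interface, the proxy runs as
# user "e2guardian", 8081 serves HTTP and 8443 serves transparent HTTPS.

WAN_IF="${WAN_IF:-eth0}"
PROXY_USER="${PROXY_USER:-e2guardian}"

# redirect_rule DPORT PROXY_PORT
# nat/OUTPUT is the hook for locally generated packets (PREROUTING never sees
# them). "! --uid-owner" exempts the proxy's own upstream connections, which
# would otherwise be redirected back into the proxy in a loop.
redirect_rule() {
    printf 'iptables -t nat -A OUTPUT -o %s -p tcp --dport %s -m owner ! --uid-owner %s -j REDIRECT --to-ports %s\n' \
        "$WAN_IF" "$1" "$PROXY_USER" "$2"
}

# loopback_rules PROXY_PORT
# After REDIRECT the packet is delivered over lo, and filter/OUTPUT runs after
# nat/OUTPUT, so the filter table sees the proxy port on lo, not 80/443 on eth0.
loopback_rules() {
    printf 'iptables -A OUTPUT -o lo -p tcp --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' "$1"
    printf 'iptables -A INPUT -i lo -p tcp --dport %s -m conntrack --ctstate NEW -j ACCEPT\n' "$1"
}

# egress_rule DPORT: only the proxy user may open new connections to the internet.
egress_rule() {
    printf 'iptables -A OUTPUT -o %s -p tcp --dport %s -m owner --uid-owner %s -m conntrack --ctstate NEW -j ACCEPT\n' \
        "$WAN_IF" "$1" "$PROXY_USER"
}

# build_ruleset: full rule list for HTTP (80 -> 8081) and HTTPS (443 -> 8443).
build_ruleset() {
    for pair in 80:8081 443:8443; do
        dport=${pair%%:*}; pport=${pair##*:}
        redirect_rule "$dport" "$pport"
        loopback_rules "$pport"
        egress_rule "$dport"
    done
}

case "${1:-}" in
    --apply) build_ruleset | sh -e ;;   # needs root
    *)       build_ruleset ;;           # dry run: print the commands
esac
```

Because the exemption is by UID, anything running as root is redirected too; review the printed rules against the existing ruleset before using `--apply`.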
 
  

