Good day,
I have a setup in which I am routing my received packets at my Mikrotik router to a squid server.
I can also see with tcpdump that the incoming traffic is actually arriving at the correct port (443) on the Squid proxy server.
On the next step I have iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to 10.0.2.51:3127 (that is all I have in my iptables rules)
Which routes the received 443 traffic to port 3127 which is my squid SSL port.
I am getting a page not found error in my browser.
Now I know that my Squid is set up correctly, because when I manually enter the proxy server address 10.0.2.51:3127 for SSL in the Mozilla browser, everything works great and all SSL pages are logged with SSLbump.
Could someone please help me figure out why this isn't working correctly? I am quite new to proxies.
Answer
You are DNATing packets going to the proxy.
But are you SNATing the packets coming back from the proxy?