I can’t enable my HTTP proxy

Home Page Forums Network Management Transparent Proxy I can’t enable my HTTP proxy

This topic contains 5 replies, has 0 voices, and was last updated by  staifan13 9 years, 4 months ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #42342

    staifan13
    Member

    Hello
    I’m new with Zeroshell and I must say also that I am not very good at networking.
    I managed to install and operate a computer with Zeroshell.
    There are two cards that are installed bridged.
    the captive portal works fine but I can not start the HTTP proxy.

    Indeed, the status is down and the “HTTP capturing rules” said to me that : “Proxy service disabled”

    I have tried some hoops to try to fix this problem and I read some topics but I must confess that I do not understand some details.

    So if one of you’ll have the courage to guide me step by step to try to understand and also my understanding of my problem, it would be very nice of him.

    Thank you in advance
    Stephan

    #50083

    ppalias
    Member

    What is the output of

    iptables -L -v
    iptables -t nat -L -v

    commands?

    #50084

    staifan13
    Member

    Hi . This is :

    root@coclicoh root> iptables -L -v
    Chain INPUT (policy ACCEPT 54415 packets, 3933K bytes)
    pkts bytes target prot opt in out source destination
    62754 4830K SYS_INPUT all -- any any anywhere anywhere
    24 1246 SYS_HTTPS tcp -- any any anywhere anywhere tcp dpt:http
    4096 441K SYS_HTTPS tcp -- any any anywhere anywhere tcp dpt:https
    108 7929 SYS_SSH tcp -- any any anywhere anywhere tcp dpt:ssh

    Chain FORWARD (policy ACCEPT 1064K packets, 601M bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 58365 packets, 6711K bytes)
    pkts bytes target prot opt in out source destination
    62491 7024K SYS_OUTPUT all -- any any anywhere anywhere

    Chain NetBalancer (0 references)
    pkts bytes target prot opt in out source destination

    Chain SYS_HTTPS (2 references)
    pkts bytes target prot opt in out source destination
    0 0 ACCEPT all -- lo any anywhere anywhere
    4120 442K ACCEPT all -- any any anywhere anywhere

    Chain SYS_INPUT (1 references)
    pkts bytes target prot opt in out source destination
    135 12008 ACCEPT all -- lo any anywhere anywhere
    0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpts:12080:12083 PHYSDEV match --physdev-in ETH01
    0 0 DROP tcp -- any any anywhere anywhere tcp dpts:12080:12083
    10 3375 ACCEPT udp -- any any anywhere anywhere udp spt:domain state ESTABLISHED
    142 141K ACCEPT tcp -- any any anywhere anywhere tcp spt:http state ESTABLISHED
    0 0 ACCEPT tcp -- any any anywhere anywhere tcp spt:8245 state ESTABLISHED
    3824 291K ACCEPT udp -- any any anywhere anywhere udp spt:ntp state ESTABLISHED
    58643 4383K RETURN all -- any any anywhere anywhere

    Chain SYS_OUTPUT (1 references)
    pkts bytes target prot opt in out source destination
    135 12008 ACCEPT all -- any lo anywhere anywhere
    10 731 ACCEPT udp -- any any anywhere anywhere udp dpt:domain
    142 8984 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http
    0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:8245
    3839 292K ACCEPT udp -- any any anywhere anywhere udp dpt:ntp
    58365 6711K RETURN all -- any any anywhere anywhere

    Chain SYS_SSH (1 references)
    pkts bytes target prot opt in out source destination
    0 0 ACCEPT all -- lo any anywhere anywhere
    100 7521 ACCEPT all -- any any 192.168.1.0/24 anywhere
    8 408 DROP all -- any any anywhere anywhere

    and



    root@coclicoh root> iptables -t nat -L -v
    Chain PREROUTING (policy ACCEPT 85419 packets, 7320K bytes)
    pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 47170 packets, 4504K bytes)
    pkts bytes target prot opt in out source destination
    47170 4504K SNATVS all -- any any anywhere anywhere

    Chain OUTPUT (policy ACCEPT 3917 packets, 297K bytes)
    pkts bytes target prot opt in out source destination

    Chain SNATVS (1 references)
    pkts bytes target prot opt in out source destination

    thanks

    #50085

    ppalias
    Member

    Seems ok, could you paste here the logs of the proxy when you turn it on?

    #50086

    staifan13
    Member

    Hello and thank you again,
    Well, I’ve just restart the proxy:
    Here are the logs: (in the logs of the antivirus there ‘s anything).

    08:40:53 === Starting HAVP Version: 0.90
    08:40:53 Running as user: havp, group: havp
    08:40:53 Use transparent proxy mode
    08:40:56 RESETTING VIRUS DATABASE.
    08:40:57 === Starting HAVP Version: 0.90
    08:40:57 Running as user: havp, group: havp
    08:40:57 Use transparent proxy mode
    08:41:34 === Starting HAVP Version: 0.90
    08:41:34 Running as user: havp, group: havp
    08:41:34 Use transparent proxy mode
    08:41:37 RESETTING VIRUS DATABASE.
    08:41:37 === Starting HAVP Version: 0.90
    08:41:37 Running as user: havp, group: havp
    08:41:37 Use transparent proxy mode
    08:41:51 === Starting HAVP Version: 0.90
    08:41:51 Running as user: havp, group: havp
    08:41:51 Use transparent proxy mode
    08:41:54 RESETTING VIRUS DATABASE.
    08:41:54 === Starting HAVP Version: 0.90
    08:41:54 Running as user: havp, group: havp
    08:41:54 Use transparent proxy mode

    and the status of the proxy in the web page is down

    Quick question: is it normal that the option will disable the antivirus is not accessible? (The menu is grayed out and tells me ENABLE)

    St├ęphan

    #50087

    ppalias
    Member

    I am not sure if there is any problem with captive portal, however it should not. Do you mind turning it off a little and try to enable proxy?
    Also have you got any capture rules configured for proxy? Maybe it complains due to the fact that it doesn’t have any rules what to capture.

    #50088

    staifan13
    Member

    Regarding the captive portal works great. I actually already tried to extinguish it but the result is the same.
    At the same time, finding it odd to have no log on the antivirus I simply create a new profile by taking the same network settings and then there, everything works fine. Here are the logs of the proxy:

    09:27:53 === Starting HAVP Version: 0.90
    09:27:53 Running as user: havp, group: havp
    09:27:53 Use transparent proxy mode
    09:27:53 — Initializing ClamAV Library Scanner
    09:27:53 ClamAV: Using database directory: /var/register/system/ClamAV/db
    09:28:06 ClamAV: Loaded 751959 signatures (engine 0.95.1)
    09:28:06 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
    09:28:06 — All scanners initialized
    09:28:06 Process ID: 8572
    09:28:06 WARNING: No HTTP capturing rules defined.
    09:30:06 === Starting HAVP Version: 0.90
    09:30:06 Running as user: havp, group: havp
    09:30:06 Use transparent proxy mode
    09:30:06 — Initializing ClamAV Library Scanner
    09:30:06 ClamAV: Using database directory: /var/register/system/ClamAV/db
    09:30:19 ClamAV: Loaded 751959 signatures (engine 0.95.1)
    09:30:20 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
    09:30:20 — All scanners initialized
    09:30:20 Process ID: 9289
    09:36:53 192.168.1.52 GET 401 http://192.168.1.15/ 274+210 OK

    You can see at first that the virus is activated after the proxy but in my case it would not start! Maybe it was the cause …
    I’ve also put some of whom log in at the beginning I did not set capturing HTTP rules. The proximal Corect worked there was just a warning.

    My problem is solved but not understood.

    Thank you still push me and I’ll post a new topic as I would know if it is possible to ensure that all computers on the LAN interface zeroshell do not communicate with them-! (No sharing of resources possible)

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.