Zeroconf behind proxy but still using captive portal?

Viewing 8 posts - 16 through 23 (of 23 total)
  • #46433
    ppalias
    Member

    Umm, this is not the way a transparent proxy works. You must have at least 2 interfaces on ZS in order for the traffic to pass through them to get to the internet, so that ZS will hijack the HTTP traffic and send it over to the proxy instance.

    #46434

    I see, so my setup with only 1 interface is the issue.

    So if I changed the IP scheme to:

    ZS 10.10.10.1 ETH00
    DHCP 10.10.10.100-10.10.10.200
    ETH01 172.22.31.9

    Zeroshell                 SquidNt         Internet
    10.10.10.1/172.22.31.9    172.22.31.10

    Could this work?

    #46435
    ppalias
    Member

    Yup this would work fine. However you could also leave only one network card on the ZS and add another IP on the interface. However your clients will be able to change their IP address and bypass the proxy. So technically the best solution is the scheme you proposed.

    #46436

    Excellent, I will give it a try today and test.

    #46437

    I have configured ZS with 2 interfaces but I still have not got the transparent proxy to work. I was able to modify havp.config and the logs below show as such (Parent proxy:172.22.31.10;3128). Could I be configuring the capture rules wrong?

    14:54:52 ClamAV: Using database directory: /var/register/system/ClamAV/db
    14:54:54 ClamAV: Loaded 498364 signatures (engine 0.95.1)
    14:54:54 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
    14:54:54 — All scanners initialized
    14:54:54 Process ID: 27903
    14:58:46 === Starting HAVP Version: 0.90
    14:58:46 Running as user: havp, group: havp
    14:58:46 Use transparent proxy mode
    14:58:46 — Initializing ClamAV Library Scanner
    14:58:46 ClamAV: Using database directory: /var/register/system/ClamAV/db
    14:58:51 ClamAV: Loaded 498364 signatures (engine 0.95.1)
    14:58:51 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
    14:58:51 — All scanners initialized
    14:58:51 Process ID: 5102
    15:02:55 192.168.0.100 GET 302 http://192.168.0.1/ 228+204 OK
    15:03:13 192.168.0.100 GET 302 http://192.168.0.1/ 228+204 OK
    15:09:39 192.168.0.100 GET 302 http://192.168.0.1/ 228+204 OK
    15:17:42 192.168.0.100 GET 302 http://192.168.0.1/ 228+204 OK
    15:17:49 192.168.0.100 GET 302 http://192.168.0.1/ 227+204 OK
    15:42:35 192.168.0.100 GET 302 http://192.168.0.1/ 228+204 OK
    15:42:40 192.168.0.100 GET 302 http://192.168.0.1/ 227+204 OK
    15:56:28 === Starting HAVP Version: 0.90
    15:56:28 Running as user: havp, group: havp
    15:56:28 Use parent proxy: 172.22.31.10:3128
    15:56:28 Use transparent proxy mode
    15:56:28 — Initializing ClamAV Library Scanner
    15:56:28 ClamAV: Using database directory: /var/register/system/ClamAV/db
    15:56:31 ClamAV: Loaded 498364 signatures (engine 0.95.1)
    15:56:31 ClamAV Library Scanner passed EICAR virus test (Eicar-Test-Signature)
    15:56:31 — All scanners initialized
    15:56:31 Process ID: 12572

    #46438
    ppalias
    Member

    Just add a rule to capture anything sourcing the interface where your clients are (10.10.10.1) and try to browse the internet (e.g. http://www.google.com).

    #46439

    I made a capture rule:

    Capture traffic
    src:192.168.0.100-192.168.0.200 (DHCP)

    I restarted the proxy service but I am still getting the same issue.

    #46440
    ppalias
    Member

    Show us the output of

    iptables -L -v
    iptables -t nat -L -v

    from the shell.
