I have no idea what I'm doing and these (1, 2) don't seem to work for me. I need to force http(s) traffic to go through a proxy on my phone (WLAN 192.168.43.1:1234).

This sort of works:

```
iptables -t nat -A OUTPUT -d 192.168.0.0/16,10.0.0.0/8,172.16.0.0/12,127.0.0.1 -j ACCEPT
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to 192.168.43.1:1234
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to 192.168.43.1:1234
```

In the log, I can see that the connection is happening and requests do reach the proxy, but the proxy throws error 65 and for some reason mentions refusing the connection to localhost:80. What did I do wrong?

  • Unrelated to your problem, but you should try using `nftables` as it's slowly but steadily replacing `iptables`. It's built by the same company and there is also a utility called `iptables-translate` that will help you make the transition smoother. You can learn more about it in the [Debian wiki page](https://wiki.debian.org/nftables). – Rayleigh Jul 10 '20 at 08:43
  • Don't comment unrelated things please. Wanna recommend `nftables` -- fine. But supply an answer, if not a direct one, then at least supply an alternative using nftables. Otherwise such a comment does nothing to help. – Роман Мавроян Jul 10 '20 at 09:04
  • That's why it's a comment and not an answer. It's simply a piece of information worth mentioning. Comments after all are meant to be "low-profile" additions to the original post. – Rayleigh Jul 10 '20 at 09:11
  • Exactly. An addition. In what way does mentioning `nftables` to a guy who can't figure out `iptables` add anything useful? – Роман Мавроян Jul 10 '20 at 09:30
  • I don't wish to discuss it any longer. If you disagree with the comment, flag it and let a moderator decide whether it should stay or not. Thank you. – Rayleigh Jul 10 '20 at 09:33

0 Answers