Re: nftables transparent proxy for outbound connections on a server
Good morning, all.
Is there anyone around to help me to setup a transparent proxy on Debian, please ?
I have tinyproxy running on my server, and I would like, with nftables,
to intercept any outbound web traffic (tcp ipv4.ipv6),
and to redirect to the proxy on 127.0.0.1:8888.
So far, I have seen these examples online:
> ...
> chain prerouting {
> type nat hook prerouting priority dstnat; policy accept;
> tcp dport { 80, 443 } counter dnat ip to 127.0.0.1:8888
> tcp dport { 80, 443 } counter dnat ip6 to [::1]:8888
> }
> ...
Or sometimes, I see using redirect or even tproxy
What is the best nftables approach, please ?
Can you copy and paste what you are using ?
Thanks,
André Rodier
Reply to: