[isf-wifidog] Content filtering

Chris Rowson christopherrowson at gmail.com
Mar 13 Nov 16:25:52 EST 2007


On Nov 13, 2007 8:16 PM, Eric S. Jensen <esjensen42 at comcast.net> wrote:
> Hello Wifidog list,
>
> What is the best way to configure iptables, Wifidog, and a web proxy so they
> work simulataneously?
>
> Specifically, I am trying to add tinyproxy to a Wifidog machine so it acts as
> a transparent proxy for all the traffic it routes.  These iptables rules that
> redirect port 80 to 8888 make tinyproxy work, but they bypass Wifidog:
>
> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
> 192.168.1.1:8888
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port
> 8888
>
> If I start Wifidog and then invoke these commands, it works correctly:
> iptables -t nat -I WiFiDog_WIFI2Internet -i eth0 -m mark --mark 0x2 -p tcp
> --dport 80 -j REDIRECT --to-port 8888
> iptables -t nat -I  WiFiDog_WIFI2Internet -i eth1 -m mark --mark 0x2 -p tcp
> --dport 80 -j DNAT --to 192.168.1.1:8888
>
> I have modified Wifidog so that if I add "WebProxyPort 8888" to the config
> file, Wifidog sets up those second rules along with the rest of its iptables
> changes.   This works, but it does not seem like the way it ought to be done.
>
>
> Eric

Hi Eric,

Don't know if this is what you want, but I had a go at documenting my
setup of a public wireless internet system including routing all port
80 traffic through a proxy.

You can find it here
http://justuber.com/publicwifi:public_wireless_internet_access

Chris


Plus d'informations sur la liste de diffusion WiFiDog