• March 28, 2024, 05:41:06 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: How to Forward to external Http-Proxy?  (Read 14401 times)

dustfinger

  • Level 1 Member
  • *
  • Posts: 7
How to Forward to external Http-Proxy?
« on: November 23, 2011, 05:08:35 AM »

Hi,

Goal: To forward requests over port 80 from my LAN to an external server on a specific port, that is I would like to forward all requests over http to an external proxy.

I know that this can be done with IP-Tables, but I would like to do the same thing with my D-Link. I have looked at Advanced --> Routing, but that seems to be specifically for inbound requests. I want to do this for outbound requests. Does anyone know if this can be achieved with the D-Link DIR-655?

Sincerely,

dustfinger.
Logged

Hard Harry

  • Guest
Re: How to Forward to external Http-Proxy?
« Reply #1 on: November 23, 2011, 11:49:00 PM »

I don't think you can do that on this router. But to say for sure, I would need to know a bit more of what your doing. Would you be routing a specific IP from your intranet to the proxy? Or are you trying to route all traffic. If so, how would you handle DNS?
Logged

dustfinger

  • Level 1 Member
  • *
  • Posts: 7
Re: How to Forward to external Http-Proxy?
« Reply #2 on: November 24, 2011, 04:35:14 AM »

Thank you for your reply,

I want to route HTTP traffic on port 80 from all computers in my LAN to to a specific proxy server. I know that I could configure each client browser, but my requirements are such that I need to find a solution at the router level. With IP-Tables I believe that this can be done with the following rules:

    * iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:3128
    * iptables -t nat -A POSTROUTING -o eth0 -s local-network -d squid-box -j SNAT --to iptables-box
    * iptables -A FORWARD -s local-network -d squid-box -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT

I am not sure how to accomplish this with the DIR-655 and I am beginning to think that it is not possible. Is this something that is not possible to do with most consumer routers today, or is this just a feature that the DIR-655 does not have?

Sincerely,

dustfinger.
Logged

davevt31

  • Level 9 Member
  • ****
  • Posts: 1589
Re: How to Forward to external Http-Proxy?
« Reply #3 on: November 24, 2011, 09:47:10 AM »

There is no command line interface to the 655 not sure about other consumer models, but I would doubt that many of them have command line interfaces either.
Logged

dustfinger

  • Level 1 Member
  • *
  • Posts: 7
Re: How to Forward to external Http-Proxy?
« Reply #4 on: November 24, 2011, 11:45:55 AM »

Thank you for your response davevt31! It is not important to me if the DIR-655 supports a command line interface. I only used the IP-TABLE rules to illustrate that some routers do support what I would like to do. I am simply looking for a way to do port-forwarding to external servers. The key goal is to forward all requests from my LAN over port 80 to an external http proxy server.

Sincerely,

dustfinger.
Logged

nicknml

  • Level 3 Member
  • ***
  • Posts: 104
Re: How to Forward to external Http-Proxy?
« Reply #5 on: November 24, 2011, 05:12:38 PM »

Too bad there is no way to console into the router and have direct access to iptables, it would be nice.
Logged

Hard Harry

  • Guest
Re: How to Forward to external Http-Proxy?
« Reply #6 on: November 24, 2011, 05:38:40 PM »

Yea, I think your looking for a Cisco type proffesional router. I still don't understand exactly what your trying to do, but I am about 95% sure you can't do it.
Logged

nicknml

  • Level 3 Member
  • ***
  • Posts: 104
Re: How to Forward to external Http-Proxy?
« Reply #7 on: November 24, 2011, 05:48:13 PM »

He's trying to setup a transparent proxy senario from what I gather in which all web traffic gets redirected to a proxy server without having to configure web browsers on client machines to do so, although I'm not sure of his reason use a server outside of the LAN.
Logged

dustfinger

  • Level 1 Member
  • *
  • Posts: 7
Re: How to Forward to external Http-Proxy?
« Reply #8 on: November 25, 2011, 01:33:16 PM »

Hi nicknml,

You are correct, I am trying to setup a transparent proxy scenario where the proxy server is running in a remote environment. The reason is not really that important, but basically they want to use a centralized remote proxy for a number of separate networks. One of the routers being used is the DIR-655. I believe that if I could configure the router to do port forwarding to an external IP, then I would satisfy the requirements for the transparent proxy. I don't think that it is going to be possible though :( Not with the DIR-655 at least.

Is it a common feature for routers to be able to perform port forwarding to external IP addresses, or do most consumer grade routers suffer from the same limitations as the DIR-655?

Sincerely,

dustfinger.
Logged

nicknml

  • Level 3 Member
  • ***
  • Posts: 104
Re: How to Forward to external Http-Proxy?
« Reply #9 on: November 25, 2011, 07:51:45 PM »

You would be better off to setup an inexpensive Linux box to act as a router (a distro such as CentOS works well).  The only downsides are that it would consume more power and requires more space than a small router appliance.  You can then setup the DIR-655 as an AP if you want wireless connectivity.

If you want an inexpensive PC check this one out:
Fujitsu PRIMERGY TX100 S2 Tower Server System
 
You would also of course need a second NIC.
« Last Edit: November 25, 2011, 07:53:38 PM by nicknml »
Logged

Hard Harry

  • Guest
Re: How to Forward to external Http-Proxy?
« Reply #10 on: November 25, 2011, 08:13:32 PM »

He's trying to setup a transparent proxy senario from what I gather in which all web traffic gets redirected to a proxy server without having to configure web browsers on client machines to do so, although I'm not sure of his reason use a server outside of the LAN.

Perhaps I mispoke, I knew what he was doing, I was trying to figure out why. I agree with you that he is probably not going to get the job done with a off the shelf router. Here is something that may be handy. Good luck on your endeavors.
Logged

dustfinger

  • Level 1 Member
  • *
  • Posts: 7
Re: How to Forward to external Http-Proxy?
« Reply #11 on: November 26, 2011, 05:02:24 AM »

Hi,
Thank you once again for all of the helpful feedback. Is it a limitation of the DIR-655 that I cannot do port forwarding to an external IP, or is this a very common limitation amongst noncommercial routers?
Sincerely,
dustfinger
Logged

nicknml

  • Level 3 Member
  • ***
  • Posts: 104
Re: How to Forward to external Http-Proxy?
« Reply #12 on: November 26, 2011, 07:28:24 AM »

Hi,
Thank you once again for all of the helpful feedback. Is it a limitation of the DIR-655 that I cannot do port forwarding to an external IP, or is this a very common limitation amongst noncommercial routers?
Sincerely,
dustfinger

It's a common limitation for most consumer routers (unless you install a third-party firmware like dd-wrt but not all routers are supported and installing third-party firmware voids most warranties.)
Logged

Hard Harry

  • Guest
Re: How to Forward to external Http-Proxy?
« Reply #13 on: November 26, 2011, 12:05:01 PM »

It sounds like he has the technical knowledge to do it, based on his previous post, but I think he might want to go with a business class device if for no better reason but hardware. If your setting this up for a school or library (most common reason for a http proxy yes?) and you have 15-20 computers hooked up to it, your at the limit (and perhaps past) this devices capability. You might see crashes and random drops as resources max out. So either way, if you do manage to get it to work, keep a eye on it.
Logged