Correct answer: Community Forums - Re: Bypassing Linux Transperent Proxy server for T...

prisaz · ‎12-28-2010

Any Linux gurus out there that can assist with IP transperent proxy server that forces all port 80 traffic through the filter? Staying transperent and capturing all traffic through the proxy seemed a little challenging for me to get Tivo to bypass the proxy. TiVo does not like proxy servers.

My configuration for this trick. I had plenty of old hardwired routers sitting around. But I only had one ethernet cable from the basement to this third floor room. And switching cables in that room would bypass the proxy for the PC. All basement router hardware is in a locked room.

prisaz · ‎01-14-2011

FYI

Fix for TiVO to get through IP-Cop or Linux as a router when using a proxy firewall.

Add this to your rc.firewall.local. Also make sure you use your TiVOs IP. Set it as static or fixed lease in your DHCP.

# Tivo Fix
    /sbin/iptables -t nat -A CUSTOMPREROUTING -i eth0 -s 192.168.1.51 -p tcp --dport 80 -j ACCEPT
    /sbin/iptables -t nat -A CUSTOMPREROUTING -i eth0 -s 192.168.1.51 -p udp --dport 80 -j ACCEPT
    /sbin/iptables -A CUSTOMFORWARD -i eth0 -s 192.168.1.51 -p tcp --dport 80 -j ACCEPT
   /sbin/iptables -A CUSTOMFORWARD -i eth0 -s 192.168.1.51 -p udp --dport 80 -j ACCEPT

View solution in original post

lasagna · ‎12-28-2010

I'm not an IPCOP user, but is it using the basic firewall ipchains service on Linux to do the redirection? Can you get a shell on the linux box and run: "sudo ipfw list" and post the results?

prisaz · ‎12-28-2010

@lasagna wrote:
I'm not an IPCOP user, but is it using the basic firewall ipchains service on Linux to do the redirection? Can you get a shell on the linux box and run: "sudo ipfw list" and post the results?

Sure. I am running squid transperent proxy server, with DansGuardian filter. All port 80 traffic is routed through the proxy filter. It is running fine with the tangle of routers. But let me see what I can do, This is how ell it works. Last time I logged in as root. Last login: Sun May 16 09:48:18 2010

DansGuardian does a pretty fine job at parental controls. It has many features, and uses the Blacklist from squidguard k-12 if your interested.

http://squidguard.mesd.k12.or.us/

IP-Cop Linux 1.4.21. Newer beta build 1.9 out, but it takes more horse power and rather defetes the purpose of using old hardware as a router. Newer build supports newer hardware. What is IpCop.

http://www.ipcop.org/1.4.0/en/admin/html/index.html

To big and it would not let me post info. ipfw not available. How about iptables -L

Not just a simple Linux build with basic ipchains. Hardened kernal with complex rules. Throw in Squid transperent proxy and DansGuardian and things get really complex.

See attached

prisaz · ‎01-14-2011

FYI

Fix for TiVO to get through IP-Cop or Linux as a router when using a proxy firewall.

Add this to your rc.firewall.local. Also make sure you use your TiVOs IP. Set it as static or fixed lease in your DHCP.

# Tivo Fix
    /sbin/iptables -t nat -A CUSTOMPREROUTING -i eth0 -s 192.168.1.51 -p tcp --dport 80 -j ACCEPT
    /sbin/iptables -t nat -A CUSTOMPREROUTING -i eth0 -s 192.168.1.51 -p udp --dport 80 -j ACCEPT
    /sbin/iptables -A CUSTOMFORWARD -i eth0 -s 192.168.1.51 -p tcp --dport 80 -j ACCEPT
   /sbin/iptables -A CUSTOMFORWARD -i eth0 -s 192.168.1.51 -p udp --dport 80 -j ACCEPT

Discussions

Mobile

5G / LTE Home Internet

Fios

Accessories

Entertainment

Level Up

Help

Tutorials

Archives

Add thoughts to the community

Browse discussions within categories