http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch32_:_Controlling_Web_Access_with_Squid **Proxy transparente** ====== Puerto 80 ====== Instalar Squid y configurar la conexión a otro proxy: http_port :3128 transparent cache_peer parent 3128 0 login=usuario:contrasenya no-query default round-robin cache_peer parent 3128 0 login=usuario:contrasenya no-query default round-robin Por ejemplo: http_port 192.168.1.4:3128 transparent cache_peer 10.145.0.36 parent 3128 0 login=ca.lafou:qh76SPga no-query default round-robin cache_peer 10.145.2.34 parent 3128 0 login=ca.lafou:qh76SPga no-query default round-robin ====== Resto de puertos ====== Configuramos una conexión con el corkscrew por el puerto 443 a una VPN de un servidor en inernet #! /bin/bash iptables -t nat -D PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables -t nat -D POSTROUTING -o tun0 -j MASQUERADE iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 3128 route add -net 10.145.0.0 netmask 255.255.0.0 gw 192.168.1.1 route del default route add -host 192.168.65.1 dev tun0 route add default gw 192.168.65.1 iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE Corkscrew: Fichero .ssh/config: Host calafouproxy Port 443 ProxyCommand /usr/bin/corkscrew 10.145.0.36 3128 94.23.80.158 443 /home/caedes/.proxycalafou IdentityFile /root/.ssh/tunnel_key OpenVPN client dev tun proto tcp remote 127.0.0.1r 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert seldon.crt key seldon.key #comp-lzo verb 3 #cipher none script-security 2 up /etc/openvpn/up.sh Fichero /etc/openvpn/up.sh es el script del uptables /etc/inetd.conf # ssh tunnel to smarthost.com's SMTP server 127.0.0.1:1194 stream tcp nowait root /usr/bin/ssh -q -T vpncalafou@calafouproxy