[n0csw]

Hey everyone, I haven't been able to find any info on this subject after many hours of searching...

I have wifidog running with DD-wrt very well, I have just one question:

I have my Hotspot AP connected to its own Ethernet port on my Ubuntu server and i'm trying to get dd-wrt to use squid as a transparent proxy, which is also running on the server.

However, I know wifidog does set firewall rules that seem to override my transparent proxy script as soon as someone connects.

my script is as follows (Startup):
#!/bin/sh
PROXY_IP=192.168.3.2
PROXY_PORT=3128
LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`

iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT

The script works fine until I enable wifidog, does anyone know a workaround?

my second question would be, is it proper to assume I could enable a firewall rule on the Ubuntu server that will make all traffic from port eth1 go to port 3128 on 192.168.3.2?

Thanks a bunch in advance!

[Sash]

try to use "http redirect". which does what you want

[n0csw]

Heya,

Thanks for the reply I forgot to put that in my previous post, http redirect was the first thing I tried. it bypasses wifidog if i enable it.

Chris W