How to create forward RDR pass for redsocks?

Murus
thinkv
Posts: 2
Joined: Wed Apr 22, 2015 2:42 am

How to create forward RDR pass for redsocks?

Post by thinkv » Wed Apr 22, 2015 4:26 am

Just trying to create a transparent proxy and pass it to Charles.

Problem is I can't seem to get it to work.

The original IPFW commands I need are
$ sudo ipfw add fwd 127.0.0.1,12345 tcp from not me to any 80 in via en1
$ sudo ipfw add fwd 127.0.0.1,12345 tcp from not me to any 443 in via en1

When I use the configuration in Murus Pro, it says it has an incorrect configuration.


hany
Posts: 445
Joined: Wed Dec 10, 2014 5:20 pm

Re: How to create forward RDR pass for redsocks?

Post by hany » Thu Apr 23, 2015 12:03 pm

The correct syntax for a redirection rule in PF is:

rdr inet proto {tcp, udp} from any to any port {80 443} -> 127.0.0.1 port 12345

You can try both "rdr" and "rdr pass" to see which is better for you.
There is no "from not me" option in PF. You have to negate a specific address or table. So instead of "from any to any", assuming your IP is 10.0.0.1, you can use

from !{10.0.0.1} to any

In case your "me" has more than one IP, you must create a PF table (NOT a list!). For example, create a PF table with all your IPs (let's say you create the PF table <this_mac> with 2 records, 10.0.0.1 and 192.168.2.1), then do it like this:

from !<this_mac> to any

DON'T do it like this:

from !{10.0.0.1, 192.168.2.1} to any

This is a mistake; it won't work. Never use lists when using negation (!), only single IPs or PF tables.

I hope it helped :)
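For reference, this is what the two ipfw fwd rules from the first post become as a complete pf.conf fragment, written here as an added example (it is not Murus's generated configuration, not redsocks' documentation, and not code from either poster). It assumes the addresses from hany's example (10.0.0.1 and 192.168.2.1 are this Mac's own IPs), that redsocks listens on 127.0.0.1:12345 as in the original ipfw rules, and that the clients to be proxied (the VM) reach the Mac on en1; the interface name is taken from the ipfw rules and should be adjusted to the real one.

```pf
# Added example: PF translation of
#   ipfw add fwd 127.0.0.1,12345 tcp from not me to any 80 in via en1
#   ipfw add fwd 127.0.0.1,12345 tcp from not me to any 443 in via en1
# Assumed: 10.0.0.1 and 192.168.2.1 are this Mac's addresses,
# redsocks listens on 127.0.0.1:12345, clients arrive on en1.

ext_if = "en1"
redsocks_port = "12345"

# PF's equivalent of ipfw's "me": a table holding every local address.
# A table is the only construct that can be negated as a whole, which is
# also what keeps redsocks' own outbound connections (sourced from this
# Mac) out of the redirect, so the proxy does not loop back into itself.
table <this_mac> const { 10.0.0.1, 192.168.2.1 }

# Translation (rdr/nat) rules go before filter rules in pf.conf.
# "rdr pass" redirects and passes the packet in one step, so no separate
# "pass in" rule is needed for the redirected traffic.
rdr pass on $ext_if inet proto tcp from !<this_mac> to any port { 80, 443 } \
    -> 127.0.0.1 port $redsocks_port

# Do NOT write the exclusion as a negated list. pfctl expands a list into
# one rule per element, so
#   rdr pass ... from !{ 10.0.0.1, 192.168.2.1 } to any port { 80, 443 } ...
# becomes two rules,
#   rdr pass ... from !10.0.0.1     ...
#   rdr pass ... from !192.168.2.1  ...
# and a packet from 192.168.2.1 still matches the first of them.

# Checks, run from a shell (listed here as comments):
#   sudo pfctl -nf /etc/pf.conf                # parse only, nothing loaded
#   sudo pfctl -f /etc/pf.conf && sudo pfctl -e
#   sudo pfctl -t this_mac -T show             # table really holds both IPs
#   sudo pfctl -s nat                          # rdr rule is loaded
#   sudo pfctl -s state | grep 12345           # redirected connections appear
# If the VM uses this Mac as its default gateway, forwarding must be on
# for its non-redirected traffic too:
#   sudo sysctl -w net.inet.ip.forwarding=1
```

PF only delivers the packets to redsocks; naming Charles as the upstream proxy is done in redsocks' own configuration (the `ip`, `port` and `type` fields of its `redsocks` section), so if `pfctl -s state` shows connections to port 12345 but Charles sees nothing, the problem is on the redsocks side rather than in the rdr rule.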

thinkv
Posts: 2
Joined: Wed Apr 22, 2015 2:42 am

Re: How to create forward RDR pass for redsocks?

Post by thinkv » Fri Apr 24, 2015 6:21 am

hany wrote:
The correct syntax for a redirection rule in PF is:

rdr inet proto {tcp, udp} from any to any port {80 443} -> 127.0.0.1 port 12345

[...]
Thank you for the feedback.

I tried this and still I am getting no traffic through my proxy in Charles :(

I set the "to" port as my IP outside of the VM, and routed all traffic through it, but nothing works.
Wasted my money on this :(

hany
Posts: 445
Joined: Wed Dec 10, 2014 5:20 pm

Re: How to create forward RDR pass for redsocks?

Post by hany » Mon Apr 27, 2015 2:01 pm

Configuring a transparent proxy and a firewall on the same machine can be tricky, I know it perfectly well. You have to deal with problems like loops and split-horizon DNS. I never used redsocks, so I'm sorry I can't help you, but let me say that redirection with Murus/PF is really easy and it works. You can test it yourself by redirecting, for example, an ssh server.
We are working on a complementary app for Murus, which features some services management including a web proxy (squid). We will also add the option for a transparent proxy, and this app will be free for Murus customers. I hope this will help you.
