Configure the HTTP transparent proxy case using Nginx in the gateway

2020-05-10 23:14:12
OfStack

An HTTP transparent proxy is set up at the gateway level to hijack a user's HTTP request and forward or respond directly for some reason.

iptables configuration

iptables is used to forward upstream traffic from port TCP 80 through the gateway to the Nginx service on the gateway.


sudo iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j DNAT \
--to-destination  The gateway IP: port

Nginx demo configuration


worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       8000;
        server_name  localhost;

        resolver 8.8.8.8;

        location /test {
            proxy_pass http://hev.cc/sftp/files/;
            proxy_buffers 256 4k;
            proxy_max_temp_file_size 0k;
        }

        location / {
            #  Contain key words  ' The computer '  Redirected to  /test
            rewrite ^.* The computer .*$ /test last;

            #  General transparent agent 
            proxy_pass $scheme://$host$request_uri;
            proxy_set_header Host $http_host;
            proxy_buffers 256 4k;
            proxy_max_temp_file_size 0k;
        }
    }

    #  matching  *.baidu.com  The domain name 
    server {
        listen       8000;
        server_name  *.baidu.com;

        location / {
            root   html;
            index  index.html index.htm;
        }
    }
}