diff options
author | Simon Rettberg | 2019-01-23 11:50:15 +0100 |
---|---|---|
committer | root | 2019-01-23 11:50:15 +0100 |
commit | 88d53c579827f4b65f8727069bfda1340fd42068 (patch) | |
tree | 2bcbabd8793400f825fba72e99674c31dee32e9e /core/modules/redsocks/data/opt | |
parent | [iptables-helper] fix typo (diff) | |
download | mltk-88d53c579827f4b65f8727069bfda1340fd42068.tar.gz mltk-88d53c579827f4b65f8727069bfda1340fd42068.tar.xz mltk-88d53c579827f4b65f8727069bfda1340fd42068.zip |
[redsocks] Add missing space to fix blacklist; switch to env-var for http
Not all HTTP proxies seem to support transparent proxying. Use explicit
proxying by setting http_proxy and no_proxy in profile.
Diffstat (limited to 'core/modules/redsocks/data/opt')
-rwxr-xr-x | core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy b/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy index 4a40ffdc..376809d4 100755 --- a/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy +++ b/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy @@ -68,14 +68,21 @@ fi if [ -n "$SLX_PROXY_BLACKLIST" ]; then for ADDR in $SLX_PROXY_BLACKLIST; do - echo "iptables -t nat -A REDSOCKS -d '$ADDR'-j RETURN" + echo "iptables -t nat -A REDSOCKS -d '$ADDR' -j RETURN" done >> "$tfile" fi if [ "${SLX_PROXY_TYPE:0:5}" = "http-" ]; then - # transparent proxying for HTTP - echo "iptables -t nat -A REDSOCKS -p tcp --dport 80 -j DNAT --to-destination ${SLX_PROXY_IP}:${SLX_PROXY_PORT}" >> "$tfile" -fi + # transparent proxying for HTTP -- DOES NOT WORK, might give 400 Bad Request + #echo "iptables -t nat -A REDSOCKS -p tcp --dport 80 -j DNAT --to-destination ${SLX_PROXY_IP}:${SLX_PROXY_PORT}" >> "$tfile" + mkdir -p "/etc/profile.d" &> /dev/null + echo "export http_proxy='http://${SLX_PROXY_IP}:${SLX_PROXY_PORT}/'" + echo -n "export no_proxy='${SLX_PXE_SERVER_IP}" + for ADDR in $SLX_PROXY_BLACKLIST; do + echo -n ", $ADDR" + done + echo "'" +fi > "/etc/profile.d/99-proxy.sh" cat >> "$tfile" <<HEREDOCBROWN iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-port 12345 |