From 88d53c579827f4b65f8727069bfda1340fd42068 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 23 Jan 2019 11:50:15 +0100 Subject: [redsocks] Add missing space to fix blacklist; switch to env-var for http Not all HTTP proxies seem to support transparent proxying. Use explicit proxying by setting http_proxy and no_proxy in profile. --- .../redsocks/data/opt/openslx/scripts/systemd-setup_proxy | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'core/modules/redsocks') diff --git a/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy b/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy index 4a40ffdc..376809d4 100755 --- a/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy +++ b/core/modules/redsocks/data/opt/openslx/scripts/systemd-setup_proxy @@ -68,14 +68,21 @@ fi if [ -n "$SLX_PROXY_BLACKLIST" ]; then for ADDR in $SLX_PROXY_BLACKLIST; do - echo "iptables -t nat -A REDSOCKS -d '$ADDR'-j RETURN" + echo "iptables -t nat -A REDSOCKS -d '$ADDR' -j RETURN" done >> "$tfile" fi if [ "${SLX_PROXY_TYPE:0:5}" = "http-" ]; then - # transparent proxying for HTTP - echo "iptables -t nat -A REDSOCKS -p tcp --dport 80 -j DNAT --to-destination ${SLX_PROXY_IP}:${SLX_PROXY_PORT}" >> "$tfile" -fi + # transparent proxying for HTTP -- DOES NOT WORK, might give 400 Bad Request + #echo "iptables -t nat -A REDSOCKS -p tcp --dport 80 -j DNAT --to-destination ${SLX_PROXY_IP}:${SLX_PROXY_PORT}" >> "$tfile" + mkdir -p "/etc/profile.d" &> /dev/null + echo "export http_proxy='http://${SLX_PROXY_IP}:${SLX_PROXY_PORT}/'" + echo -n "export no_proxy='${SLX_PXE_SERVER_IP}" + for ADDR in $SLX_PROXY_BLACKLIST; do + echo -n ", $ADDR" + done + echo "'" +fi > "/etc/profile.d/99-proxy.sh" cat >> "$tfile" <