Redirect OpenVPN gateway traffic to Privoxy

Solution 1:

You can push proxy configuration to the OpenVPN clients.

From the OpenVPN Access Server web interface, go to Advanced VPN Settings → Server Config Directives and enter the following directive with your proxy IP/port info.

push "dhcp-option PROXY_HTTP 111.222.333.44 8118"

I am not sure if all OpenVPN clients support this config, but on iOS it works well.

Solution 2:

Privoxy is an HTTP proxy. What you're trying to do is feed it intact network packets, which I'm 99% sure it's not going to accept without some very complex mangle rules in iptables. Instead you should expose the proxy to the VPN (seems like it is already), and push it as a DHCP option to your VPN clients.

Instructions for doing that via OpenVPN can be found here https://forums.openvpn.net/topic14829.html and it can be done on a client-by-client basis using the ccd directory if you have that set up.

Solution 3:

Set up Privoxy to listen on an address on the tunnel interface, for example 172.26.0.1, then just redirect VPN traffic to it:

sudo iptables -t nat -A PREROUTING --source 172.26.0.0/16 -p tcp -m tcp --dport 80 -j DNAT --to 172.26.0.1:8118
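
A pre-flight check for the redirect in Solution 3, as an added example that is not part of any of the answers above: it verifies that Privoxy listens on the address the DNAT rule targets, is not bound to every interface, and has accept-intercepted-requests enabled. The function names and the sample config are hypothetical; 172.26.0.1:8118 is taken from Solution 3.

```shell
# Added example (not from the answers): checks a Privoxy config before
# relying on the DNAT rule from Solution 3.
# Assumed names: directive_values, check_privoxy_intercept and the sample
# file are hypothetical; 172.26.0.1:8118 is the address used in Solution 3.

# Print the values of an uncommented directive, one per line.
directive_values() {
    awk -v key="$2" '$1 == key { print $2 }' "$1"
}

# check_privoxy_intercept CONFIG ADDR:PORT
# Returns 0 if ready for intercepted traffic, 1 if misconfigured.
check_privoxy_intercept() {
    conf=$1; want=$2; rc=0
    listens=$(directive_values "$conf" listen-address)
    intercept=$(directive_values "$conf" accept-intercepted-requests)

    # Privoxy must be bound to the address the DNAT rule targets.
    if ! printf '%s\n' "$listens" | grep -qxF "$want"; then
        echo "FAIL: no listen-address $want" >&2; rc=1
    fi
    # A bare ":port" or 0.0.0.0 binds every interface, which exposes the
    # proxy beyond the tunnel.
    if printf '%s\n' "$listens" | grep -qE '^(0\.0\.0\.0)?:[0-9]+$'; then
        echo "FAIL: listen-address binds all interfaces" >&2; rc=1
    fi
    # DNAT delivers origin-form requests ("GET / HTTP/1.1" plus Host), which
    # Privoxy rejects unless accept-intercepted-requests is 1 (default 0).
    # Conflicting or missing values are treated as a failure.
    if [ "$intercept" != "1" ]; then
        echo "FAIL: accept-intercepted-requests is not 1" >&2; rc=1
    fi
    return $rc
}

# Constructed sample config (not a real deployment).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# listen-address 127.0.0.1:8118
listen-address 172.26.0.1:8118
accept-intercepted-requests 1
EOF
check_privoxy_intercept "$sample" 172.26.0.1:8118 && echo "OK: ready for DNAT"
```

The rule in Solution 3 matches only TCP port 80, so HTTPS traffic from VPN clients does not pass through Privoxy with this setup.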