Closed
Description
I am trying to figure out what the cause is. It worked flawlessly for me in Debian.
I am running RHEL 8 right now, and I set up redsocks in exactly the same way to try and transparently proxy to squid. Here is my redsocks.conf:
```
base {
    log_debug = off;
    log_info = on;
    log = "file:/var/log/redsocks.log";
    daemon = on;
    user = redsocks;
    group = redsocks;
    redirector = iptables;
}
redsocks {
    local_ip = 127.0.0.1;
    local_port = 12345;
    ip = 127.0.0.1;
    port = 3128;
    type = http-connect;
}
```
Here are the iptables commands I use:
```
iptables -t nat -A OUTPUT -m owner --uid-owner justin -p tcp --dport 80 -j REDIRECT --to-port 12345
iptables -t nat -A OUTPUT -m owner --uid-owner justin -p tcp --dport 443 -j REDIRECT --to-port 12345
ip6tables -t nat -A OUTPUT -m owner --uid-owner justin -p tcp --dport 80 -j REDIRECT --to-port 12345
ip6tables -t nat -A OUTPUT -m owner --uid-owner justin -p tcp --dport 443 -j REDIRECT --to-port 12345
```
In the redsocks logs I can see that new connections are coming in, but nothing else.
```
1616694520.847829 notice main.c:165 main(...) redsocks started, conn_max=32768
1616694605.629614 info redsocks.c:1243 redsocks_accept_client(...) [10.0.0.169:33050->52.39.165.66:443]: accepted
1616694606.421735 info redsocks.c:1243 redsocks_accept_client(...) [10.0.0.169:45062->172.217.2.4:443]: accepted
1616694606.682479 info redsocks.c:1243 redsocks_accept_client(...) [10.0.0.169:45066->172.217.2.4:443]: accepted
```
On the client side, the connection just spins for a while before timing out.
When I look at a pcap, I can see the connect requests coming into squid, but no handshake, etc.
Any idea where to start looking? I can connect to the squid proxy manually and it works fine, so it is hard to imagine that squid is the problem.
I disabled SELinux to see if that was causing problems; that didn't help.