Tinyproxy is a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems. Designed from the ground up to be fast and yet small, it is an ideal solution for use cases such as embedded deployments where a full featured HTTP proxy is required, but the system resources for a larger proxy are unavailable.
If a full featured HTTP proxy is required, the tinyproxy package is an ideal solution for you as a larger proxy might be unavailable in this environment.
opkg update opkg install tinyproxy luci-app-tinyproxy
uci set tinyproxy.@tinyproxy.enabled=1 uci commit /etc/init.d/tinyproxy enable /etc/init.d/tinyproxy restart
uci add firewall redirect uci set firewall.@redirect.name='Transparent Proxy Redirect' uci set firewall.@redirect.src=lan uci set firewall.@redirect.proto=tcp uci set firewall.@redirect.dest_port=8888 uci set firewall.@redirect.src_dport=80 uci set firewall.@redirect.src_dip='!192.168.1.1' uci set firewall.@redirect.dest_ip=192.168.1.1 uci commit firewall /etc/init.d/firewall restart
Note that the
firewall.@redirect.src_dip=!192.168.1.1 option is important, if you missed this option you may not connect to LuCI. I can't find this option in the LuCI "Network ⇒ Firewall ⇒ Traffic Redirection" page, so be careful if you're using LuCI.
Note also that by default tinyproxy does not allow connections from other hosts so you will need to enable this. One way is to comment out the "Allow" line from the config.
If you're using Attitude Adjustment 12.09 and maybe setup IPv6 on your OpenWrt box then this may be helpful. These notes only have a few hours of testing; second opinions, better advice welcomed:
firewall.@redirect.src_dip=!192.168.1.1LuCI option is called "External IP address" in 12.09 and you'll have to enter a –custom– value to enter the leading !
Some help with tinyproxy logging and log analysis here: http://www.farville.com/?p=314