What package should i install for proxy

How can I make OpenWRT filter traffic by local IP(or MAC address) and route it through a proxy (like Brightdata)? Which package should I use for this?

The preinstalled firewall can intercept packets and forward them to a different destination based on source IP or MAC.

Looks like you need a "transparent proxy"; I bet you will find many guides, using that search term.

1 Like

Does that mean that by simply editing the iptables/nftables, I can achieve the transparent proxy? And can I perform all these tasks using Network>Firewall>IP Sets?

No. You can only redir the packets to the proxy, you want to use.
Which should work for http, at least. However, I very doubt, that your Brightdata can process your redirected https traffic.

1 Like

If the client is not aware of the https proxy then the intercepted connections will provoke man-in-the-middle-attack warnings and eventually they won't work or will be constantly annoying you about the certificate mismatch.


Thank you for all the help; it has been overwhelming for me.

I'll stick to using the proxy directly on my PC. :sweat_smile:

1 Like

I would recommend tinyproxy and if that is not enough you might look at squid. Tinyproxy is quite simple, which is an advantage. The Wiki has a bit of information: https://openwrt.org/docs/guide-user/services/proxy/tinyproxy

I recommend to NOT use tinyproxy to create a transparent proxy, but to configure your device-to-be-proxied and tell that device about the proxy.

thank you, i will check them out later.

I am using Tinyproxy just as a filtering proxy. Your usecase seems to be covered if you specify an "upstream" proxy, so a second proxy to use.

Assuming you control the devices connected to your network, you can manually configure them to contact Tinyproxy. This setup allows Tinyproxy to send data to the upstream proxy for further processing.

To make sure users can't bypass the proxy easily, you should configure the firewall. It will block any traffic from the user devices you want to force to use the proxy when they try to access the internet directly.

Good luck with your setup!

thank you :grinning:
i will check it up after doing more researches.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.