Configuring the Firewall

Next up we need to configure the firewall to do NAT and port redirection for our transparent proxy. We also need to open certain ports on the firewall for our clients to connect. Specifically we need to allow TCP ports 22, 1080, 10443, 3129 and 3130.

Type the following commands in order, pressing Enter after each:
· ufw allow OpenSSH
· ufw allow 1080/tcp
· ufw allow 10443/tcp
· ufw allow 3129/tcp
· ufw allow 3130/tcp
· ufw enable (press Enter, then Y to confirm)

Next, we need to set up the NAT and redirection rules.

Type nano /etc/ufw/before.rules and press Enter.

Type out the contents of the screenshot as is (from # START SQUID RULES to # END SQUID RULES; remember to substitute IP addresses with your server values), right at the top of the file (below the first couple of comment lines), then save and exit.

We also need to make a change to the firewall’s default forwarding policy.

Type nano /etc/default/ufw and press Enter.

Look for the line in the screenshot above, and change it from DROP to ACCEPT. Save and exit, then reboot.

And finally we need to make a few changes to the /etc/sysctl.conf file.

Type nano /etc/sysctl.conf and press Enter.

Find the underlined lines, and set the values as above. Uncomment the lines where necessary.

Also add the above lines to the bottom of the file, save and exit. Then type sysctl -p -w and press Enter to apply the changes.

And the firewall is configured!
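
To confirm the ufw steps above took effect, the following check is an added example, not part of the original tutorial. It looks for the five allow rules in ufw status output and reads DEFAULT_FORWARD_POLICY from /etc/default/ufw; the function names and the sample status text are constructed for illustration, and the sysctl values are not checked because they appear only in the screenshot.

```shell
# Added example (not the tutorial's code): audit the firewall steps on this page.
# Live use, as root:  audit "$(ufw status)" /etc/default/ufw

# Rules the page opens: OpenSSH (TCP 22) plus the four proxy ports.
REQUIRED_RULES="OpenSSH 1080/tcp 10443/tcp 3129/tcp 3130/tcp"

# Succeed only if the `ufw status` text reports the firewall as active.
is_active() {
    printf '%s\n' "$1" | grep -q '^Status: active$'
}

# Print every required rule that has no ALLOW line in the status text.
missing_rules() {
    missing=""
    for rule in $REQUIRED_RULES; do
        if ! printf '%s\n' "$1" |
            awk -v r="$rule" '$1 == r && $2 == "ALLOW" { ok = 1 } END { exit !ok }'
        then
            missing="$missing $rule"
        fi
    done
    printf '%s' "${missing# }"
}

# Print the DEFAULT_FORWARD_POLICY value from an /etc/default/ufw style file.
forward_policy() {
    sed -n 's/^DEFAULT_FORWARD_POLICY="\{0,1\}\([A-Z]*\).*/\1/p' "$1" | tail -n 1
}

# Print one finding per problem; return 0 only when nothing is wrong.
audit() {
    rc=0
    is_active "$1" || { echo "ufw is not active"; rc=1; }
    gaps=$(missing_rules "$1")
    [ -z "$gaps" ] || { echo "no ALLOW rule for: $gaps"; rc=1; }
    policy=$(forward_policy "$2")
    [ "$policy" = "ACCEPT" ] || { echo "forward policy is ${policy:-unset}, not ACCEPT"; rc=1; }
    return "$rc"
}

# Constructed sample: `ufw status` output where the 3130/tcp rule was forgotten.
SAMPLE_STATUS='Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
1080/tcp                   ALLOW       Anywhere
10443/tcp                  ALLOW       Anywhere
3129/tcp                   ALLOW       Anywhere'
```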

Next Up: Configuring Squid, Apache and SARG