My goal is to transparently proxy all HTTP requests from a single IP (my laptop, 192.168.1.134) on my LAN to an external IP (internet VPS, let's say X.X.X.X) running a proxy server (specifically mitmproxy running in transparent mode), listening on port 80.

My home LAN is powered by an ASUS RT-N66U router running the Asuswrt-Merlin firmware. The router has IP 192.168.1.1 and is the default gateway of every device on my network. To forward the traffic, I've ssh'd to my router and run the following iptables commands:

iptables -t nat -A PREROUTING -s 192.168.1.134 -p tcp --dport 80 -j DNAT --to X.X.X.X:80
iptables -t nat -A POSTROUTING -j MASQUERADE

Additionally, IP forwarding is enabled on my router:

admin@RT-N66U:/tmp/home/root# cat /proc/sys/net/ipv4/ip_forward
1

This results in something, but it's not what I'm expecting. From 192.168.1.134 (my laptop), when I do a simple HTTP request (e.g. curl http://example.com), I can see in my proxy's event log that mitmproxy reports a client has connected (using the NAT'd public IP of my router, issued by my ISP); however, that's about as far as it gets. It never goes any further than that and my curl command just waits. Eventually I see "Connection reset by peer" in my proxy's log and the connection is closed.

Any help would be appreciated. I must admit, I'm not very proficient with iptables.

ccampo

0 Answers