In this post, we will see how to connect from mac to another machine (as a forwarding proxy) then to the internet (or to a private network 😉).
The steps will focus to macos client, but it can be any other OS.
First, You need to install squid proxy on your Windows/Linux box (the jump box). there are many ways to do so, in my case I used a docker image for squid proxy.
docker run -d -p 3128:3128 --restart unless-stopped cosmicq/docker-squid
Now, go to macOS, and you need to change the proxy settings in two places, the
System Preferences > Network and in the shell.
System Preferences > Network, Click Advanced, then go to the proxy tab and in the
https sections, enter the ip/port of the proxy:
Note, you can use commands to set the proxy instead of using GUI, as follows:
networksetup -setwebproxy wi-fi 192.168.100.39 3128 networksetup -setwebproxystate wi-fi on networksetup -setsecurewebproxystate wi-fi on
This will make it easy to enable/disable the proxy setting on a user basis.
The last step is to set the
https_proxy in your shell.
You can append the following at the end of your
export http_proxy="192.168.100.39:3128" export https_proxy=$http_proxy
The squid proxy works well for HTTP/HTTPS traffic. however, some traffic is TCP traffic. There are different solutions to this problem, but I fixed it by using a native port-forward solution in windows using the command
In my case, I needed to access a DB server accessible from windows machine by 192.168.100.100/1433, so I run the following command in windows cmd (as administrator)
netsh interface portproxy add v4tov4 listenport=14330 connectport=1433 connectaddress=192.168.100.100
which will open port 14330 on the windows machine and forward traffic to the DB server at 192.168.100.100 on port 1433.
Now I can connect to the DB server from mac on the windows IP address (in my case 192.168.100.39) on port 14330.
To delete the port-forwarding:
netsh interface portproxy delete v4tov4 listenport=14330
To list port-forwarding:
netsh interface portproxy show v4tov4