iptables help - Security
-
iptables help
I want to redirect all outgoing HTTP traffic to a Squid proxy. I tried:
$IPTABLES -t nat -A PREROUTING -s 192.168.2.192 -p tcp --dport 80 -j DNAT --to 192.168.2.231:3128
to test my intended rule:
$IPTABLES -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.2.231:3128
However, it doesn't work... I can no longer access web pages at all, and
Squid isn't seeing my requests at all. iptables -L doesn't show
anything that has to do with the new rule. So, I botched something, but
am not sure what :-)
--
* John Oliver http://www.john-oliver.net/ *
-
Re: iptables help
In comp.security.firewalls John Oliver wrote:
> I want to redirect all outgoing HTTP traffic to a Squid proxy. I tried:
>
> $IPTABLES -t nat -A PREROUTING -s 192.168.2.192 -p tcp --dport 80 -j DNAT --to 192.168.2.231:3128
>
> to test my intended rule:
>
> $IPTABLES -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.2.231:3128
>
> However, it doesn't work... I can no longer access web pages at all,
> and Squid isn't seeing my requests at all. iptables -L doesn't show
> anything that has to do with the new rule. So, I botched something,
> but am not sure what :-)
RTM
http://tldp.org/HOWTO/TransparentProxy.html
cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
-
Re: iptables help
iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT --to-port 3128
Found at http://www.visolve.com/squid/whitepa...ns_caching.php
--
jbeasley@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org
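-
The first post notes that iptables -L showed nothing about the new rule: that command lists only the filter table, while DNAT and REDIRECT rules are stored in the nat table (iptables -t nat -L). The script below is an added example, not code from any poster in this thread; it reads iptables-save text and reports the port-80 rules found in a given table. The sample ruleset is constructed and the helper name port80_rules is hypothetical.

```shell
#!/bin/sh
# Added example: list port-80 rules per table from iptables-save text.

# Constructed sample in iptables-save format (not captured from the thread's hosts).
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.231:3128
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# port80_rules TABLE  (hypothetical helper name)
# Reads iptables-save text on stdin and prints "CHAIN TARGET DEST" for every
# rule in TABLE that matches destination port 80.
port80_rules() {
    awk -v want="$1" '
        /^\*/ { table = substr($0, 2); next }   # "*nat" starts a table section
        table == want && $1 == "-A" {
            dport = ""; target = ""; dest = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
                if ($i == "--to-destination" || $i == "--to-ports") dest = $(i + 1)
            }
            if (dport == "80") print $2, target, dest
        }'
}

# The filter table (what plain "iptables -L" lists) has no port-80 rule;
# the nat table does.
for t in filter nat; do
    echo "table $t: $(sample_ruleset | port80_rules "$t")"
done
```

On a live firewall, pipe the output of iptables-save (run as root) into port80_rules nat instead of the sample.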