PaulDotCom mailing list archives
transparent proxy and iptables failing
From: william.metcalf at gmail.com (Will Metcalf)
Date: Wed, 7 Oct 2009 11:35:54 -0500
iptables should work fine for this, I'm doing exactly what you are tying to accomplish in multiple places. try these rules... where eth0 should be replaced with the interface that your port 80 traffic comes in on.. #redirect web traffic to proxy iptables -t nat -A PREROUTING -m physdev --physdev-in eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 #accept the redirected traffic iptables -A INPUT -p tcp --dport 3128 -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT #allow all other traffic to move across the bridge iptables -A FORWARD -j ACCEPT Regards, Will On Wed, Oct 7, 2009 at 11:16 AM, Robin Wood <dninja at gmail.com> wrote:
2009/10/7 Robin Wood <dninja at gmail.com>:I'm trying to setup a transparent proxy so I've got a linux device with two NICs which are bridged using brctl. Traffic flows happily across the bridge so I know it is working fine. Now when I try to setup the iptables rules they are being ignored. The rule I want to use is: iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j REDIRECT --to-port 3128Various people, including people on the netfilter mailing list, have suggested that I need to use ebtables rather than iptables. Are there any ebtables experts out there who could help me rewrite this rule to ebtables? Robin _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Ben Greenfield (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Ben Greenfield (Oct 08)
- transparent proxy and iptables failing Robin Wood (Oct 08)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 13)
- transparent proxy and iptables failing chris mewett (Oct 13)
- Message not available
- transparent proxy and iptables failing Robin Wood (Oct 14)