PaulDotCom mailing list archives
transparent proxy and iptables failing
From: dninja at gmail.com (Robin Wood)
Date: Sat, 17 Oct 2009 11:01:55 +0100
2009/10/7 Robin Wood <dninja at gmail.com>:
I'm trying to set up a transparent proxy, so I've got a Linux device with two NICs which are bridged using brctl. Traffic flows happily across the bridge so I know it is working fine. Now when I try to set up the iptables rules they are being ignored. The rule I want to use is:

    iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j REDIRECT --to-port 3128

but nothing gets redirected. I've also tried changing 3128 to a port that is closed to see what would happen: nothing, the packets kept flowing. I've also tried clearing the list and then adding

    iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j DROP

which should kill all web traffic, but it doesn't. As a last resort I tried

    iptables -t nat -A PREROUTING -i br-lan -p tcp -j DROP

which should kill all TCP traffic but again, nothing. What am I doing wrong?
An update to this...

I just tried replacing the Fon that I was originally running on with a laptop with two completely independent NICs and the first command I posted here works fine.

Looks like the issue is the Fon and the two NICs probably being one real one somehow virtualised into two, or, iptables on the Fon is just broken. I'd go for the first as the NICs by default come up as eth0.0 and eth0.1. I'm going to dig into this further and try putting a USB NIC on the Fon and see what happens.

Robin