PaulDotCom mailing list archives
transparent proxy and iptables failing
From: dninja at gmail.com (Robin Wood)
Date: Wed, 7 Oct 2009 17:57:34 +0100
2009/10/7 Will Metcalf <william.metcalf at gmail.com>:
iptables should work fine for this, I'm doing exactly what you are tying to accomplish in multiple places. try these rules... where eth0 should be replaced with the interface that your port 80 traffic comes in on.. #redirect web traffic to proxy iptables -t nat -A PREROUTING -m physdev --physdev-in eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 #accept the redirected traffic iptables -A INPUT -p tcp --dport 3128 -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT #allow all other traffic to move across the bridge ?iptables -A FORWARD -j ACCEPT
OK, I'm building the physdev kernel module and will give it a try. Robin
Current thread:
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Ben Greenfield (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 07)
- transparent proxy and iptables failing Ben Greenfield (Oct 08)
- transparent proxy and iptables failing Robin Wood (Oct 08)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Will Metcalf (Oct 07)
- transparent proxy and iptables failing Robin Wood (Oct 13)
- transparent proxy and iptables failing chris mewett (Oct 13)
- Message not available
- transparent proxy and iptables failing Robin Wood (Oct 14)