PaulDotCom mailing list archives
Re: need iptables help
From: Hans Kokx <skipmeister123 () gmail com>
Date: Sun, 23 Dec 2012 20:22:28 -0500
I just put this rule in the other day -- it catches all traffic coming in on port 80 and shoves it over to port 8080. Sounds like what you need, right?

iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner proxy --dport 80 -j REDIRECT --to-port 8080
iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080

On Sun, Dec 23, 2012 at 7:18 PM, Robin Wood <robin () digininja org> wrote:
> I know very little iptables so no I haven't, got any pointers or any suggestions on specific examples? All I could find on Google were based on this.
>
> Robin
>
> On Dec 24, 2012 12:11 AM, "anthony kasza" <anthony.kasza () gmail com> wrote:
>> Have you tried the FORWARD chain?
>>
>> -AK
>>
>> On Dec 23, 2012 7:01 PM, "Robin Wood" <robin () digininja org> wrote:
>>> Hi
>>>
>>> I need an IP tables rule that will catch all traffic going over a network bridge and send anything destined to port 80 to 8080. As the proxy that will be listening on port 8080 will modify some traffic to make it request from the IP of the local machine I'll need the rule to ignore requests to port 80 on the IP of the localhost.
>>>
>>> This is what I tried as this works with IP forwarding for things like ARP spoofing but this doesn't work in this instance, I think because there is no routing going on, the traffic is just being passed straight through.
>>>
>>> iptables -t nat -A PREROUTING -p tcp --destination-port 80 ! -d <local-IP> -j REDIRECT --to-port 8080
>>>
>>> With this rule in place, if I drop the -d I can get pages being requested from the web server on the local machine to be bounced through the proxy.
>>>
>>> How do I do it? Got a few good tools going to be based on this if I can get it to work
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
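Added example, not part of the original message or thread: a Python audit that reads `iptables-save` output and lists every nat-table REDIRECT rule together with the exclusion it carries, i.e. the `! --uid-owner` match used on the OUTPUT rule above or the `! -d` match used on the quoted PREROUTING rule. The sample rule set, the address 192.0.2.10, uid 13 and the function names are constructed for illustration.

```python
import shlex

# Constructed iptables-save sample (address and uid are made up for the example).
SAMPLE = """\
*nat
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING ! -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -p tcp -m owner ! --uid-owner 13 -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
*filter
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
COMMIT
"""


def parse_rule(line):
    """Parse one '-A CHAIN ...' line; a '!' token negates the option after it."""
    tokens = shlex.split(line)
    opts, negated, negate, i = {}, set(), False, 2
    while i < len(tokens):
        tok = tokens[i]
        if tok == "!":
            negate = True
        elif tok.startswith("-"):
            nxt = tokens[i + 1] if i + 1 < len(tokens) else "-"
            has_value = nxt != "!" and not nxt.startswith("-")
            opts[tok] = nxt if has_value else True
            if negate:
                negated.add(tok)
            negate = False
            i += 1 if has_value else 0
        i += 1
    return tokens[1], opts, negated


def redirect_rules(save_text):
    """Return (chain, dport, to_port, exclusion) for each nat REDIRECT rule."""
    found, table = [], None
    for line in save_text.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()  # track which table the rules belong to
        elif table == "nat" and line.startswith("-A "):
            chain, opts, negated = parse_rule(line)
            if opts.get("-j") != "REDIRECT":
                continue
            hits = [f"{k} {opts[k]}" for k in ("--uid-owner", "--gid-owner", "-d") if k in negated]
            found.append((chain, opts.get("--dport"), opts.get("--to-ports"), hits[0] if hits else None))
    return found
```

An OUTPUT entry whose exclusion is `None` also redirects the proxy's own outbound port-80 requests back to the proxy port, and a PREROUTING entry with `None` also redirects requests addressed to the host's own IP.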