* transparent squid & iptables
@ 2002-12-15 9:56 Abylai Ospan
2002-12-16 11:04 ` Arindam Haldar
2002-12-16 14:23 ` Andrew J. Meader
0 siblings, 2 replies; 3+ messages in thread
From: Abylai Ospan @ 2002-12-15 9:56 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 550 bytes --]
Hello, All.
We tried to make transparent squid on 127.0.0.1 and REDIRECT (or DNAT) in iptables but iptables redirect pakets to the received interface IP.
In the iptables:
iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT 3128
For example:
packet from user (IP: 10.0.0.5) to www.ru:80 received on eth0 (IP: 10.0.0.1). Packet redirected to the 10.0.0.1:3128 but squid listen on 127.0.0.1:3128 so nothing work ;-(
How we can redirect packet to the 127.0.0.1 port 3128 in iptables ?!
wbr, Abylai
NetUP Systems
Moscow, Russia
[-- Attachment #2: Type: text/html, Size: 1665 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: transparent squid & iptables
2002-12-15 9:56 transparent squid & iptables Abylai Ospan
@ 2002-12-16 11:04 ` Arindam Haldar
2002-12-16 14:23 ` Andrew J. Meader
1 sibling, 0 replies; 3+ messages in thread
From: Arindam Haldar @ 2002-12-16 11:04 UTC (permalink / raw)
To: Abylai Ospan; +Cc: netfilter
iptables -A PREROUTING -t nat -p 6 --dport 80 -j REDIRECT --to-port 3128
Abylai Ospan wrote:
> Hello, All.
>
> We tried to make transparent squid on 127.0.0.1 and REDIRECT (or DNAT)
> in iptables but iptables redirect pakets to the received interface IP.
>
> In the iptables:
> iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT 3128
>
> For example:
> packet from user (IP: 10.0.0.5) to <http://www.ru>www.ru
> <http://www.ru>:80 received on eth0 (IP: 10.0.0.1). Packet redirected to
> the 10.0.0.1:3128 but squid listen on 127.0.0.1:3128 so nothing work ;-(
>
> How we can redirect packet to the 127.0.0.1 port 3128 in iptables ?!
>
> wbr, Abylai
> NetUP Systems
> Moscow, Russia
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: transparent squid & iptables
2002-12-15 9:56 transparent squid & iptables Abylai Ospan
2002-12-16 11:04 ` Arindam Haldar
@ 2002-12-16 14:23 ` Andrew J. Meader
1 sibling, 0 replies; 3+ messages in thread
From: Andrew J. Meader @ 2002-12-16 14:23 UTC (permalink / raw)
To: Abylai Ospan, netfilter
Hi,
Here is how I am doing it and it works nicely:
iptables -t nat -A PREROUTING -i $LOCAL -p tcp --dport 80 -j REDIRECT \
--to-port 3128
echo "PREROUTING: enableling transparent http proxy"
Have fun!
Andy
Abylai Ospan wrote:
> Hello, All.
>
> We tried to make transparent squid on 127.0.0.1 and REDIRECT (or DNAT)
> in iptables but iptables redirect pakets to the received interface IP.
>
> In the iptables:
> iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT 3128
>
> For example:
> packet from user (IP: 10.0.0.5) to www.ru <http://www.ru>:80 received
> on eth0 (IP: 10.0.0.1). Packet redirected to the 10.0.0.1:3128 but
> squid listen on 127.0.0.1:3128 so nothing work ;-(
>
> How we can redirect packet to the 127.0.0.1 port 3128 in iptables ?!
>
> wbr, Abylai
> NetUP Systems
> Moscow, Russia
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-12-16 14:23 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-12-15 9:56 transparent squid & iptables Abylai Ospan
2002-12-16 11:04 ` Arindam Haldar
2002-12-16 14:23 ` Andrew J. Meader
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.