Re: REDIRECT question - Ruslan Spivak

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ruslan Spivak <alienoid@is.lg.ua>
To: Chris Wilson <chris@netservers.co.uk>
Cc: netfilter@lists.netfilter.org
Subject: Re: REDIRECT question
Date: Wed, 02 Jul 2003 14:14:20 +0300	[thread overview]
Message-ID: <3F02BE8C.7020701@is.lg.ua> (raw)
In-Reply-To: <Pine.LNX.4.44.0307021159470.16552-100000@localhost>

Chris Wilson wrote:

>Hi Ruslan,
>
>  
>
>>i want make transaparent proxy on localhost and want to disabe access 
>>after redirecting to port 3128 if destination address in net other then 
>>193.108.240.0/22.
>>Does REDIRECT target send packet to INPUT chain and i should disable 
>>access in INPUT chain or should i disable access in '-t nat -A 
>>POSTROUTING' chain?
>>    
>>
>
>You will not be able to disable access in the POSTROUTING chain, since 
>after reading the REDIRECT rule, no further rules in that chain are 
>processed. In any case, it is not recommended to filter in the nat table. 
>The best place to put your filtering rule is in the INPUT chain.
>
>Cheers, Chris.
>
Hello, Chris.

I just want to be sure that after redirecting, the packet is going to 
input chain where i can filter it. (am i right?)

Thanks for your reply.

Best regards,
Ruslan

next prev parent reply	other threads:[~2003-07-02 11:14 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-07-02 10:56 REDIRECT question Ruslan Spivak
2003-07-02 11:01 ` Chris Wilson
2003-07-02 11:14   ` Ruslan Spivak [this message]
     [not found] <Pine.LNX.4.44.0307021216100.16552-100000@localhost>
2003-07-02 13:13 ` Ruslan Spivak
  -- strict thread matches above, loose matches on Subject: below --
2003-07-11 11:09 Ruslan Spivak
2003-07-13 21:55 George Vieira
2005-03-04 22:59 Redirect Question Gary W. Smith
2005-03-04 23:05 ` Gavin Hamill
2014-03-22 13:38 Redirect question Danny
2014-03-22 22:32 ` Nikolai Lusan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3F02BE8C.7020701@is.lg.ua \
    --to=alienoid@is.lg.ua \
    --cc=chris@netservers.co.uk \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.