iptables & squid - Daniel Ivanov

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Daniel Ivanov <sertys@supportivo.org>
To: netfilter@lists.netfilter.org
Subject: iptables & squid
Date: Sat, 15 Oct 2005 16:54:04 +0300	[thread overview]
Message-ID: <435109FC.7000903@supportivo.org> (raw)

I could finally manage to bump packets from a bsd box to my squid and 
thanks to ipfw they come un-rewritten in the form
{internal_net_ip} -> {destination_ip}
This is ok. I set a simple redirect rule in the prerouting:
iptables -t nat -A PREROUTING -p tcp --dport 80 -s internal_net/mask -j 
REDIRECT --to-ports 80

Packets jump to my proxy and pass through.
But i get them returned in the form:
{squid_box} -> {ip_from_internal_network}
 This way they are impossible for shaping. How would i make such a packet
{destination_ip} -> {internal_net_ip}
by means of iptables.

Would a DNAT do the trick and will it be hit if a have a REDIRECT target 
already in the PREROUTING.
Otherwise the REDIRECT is also available in the OUTPUT chain of the nat 
table.

next             reply	other threads:[~2005-10-15 13:54 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-15 13:54 Daniel Ivanov [this message]
2005-10-16 18:16 ` iptables & squid Henrik Nordstrom
  -- strict thread matches above, loose matches on Subject: below --
2006-11-27  8:48 Iptables, squid alok pathak
2006-11-27 10:51 ` piraguasu
2004-09-26 10:40 iptables+squid it clown
2004-09-26  5:35 iptables + squid it clown
2004-09-26 14:27 ` Jason Opperisano
2004-09-26 18:54   ` Scott Mayo
2004-09-26 20:33   ` Jose Maria Lopez
2004-09-26 20:57     ` Jason Opperisano
2003-07-31 23:51 IPTables & Squid Daniel Camacho
2003-08-01  8:10 ` Philip Craig
2003-08-01 21:25   ` Daniel Camacho
2003-08-01 23:00     ` Arnt Karlsen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=435109FC.7000903@supportivo.org \
    --to=sertys@supportivo.org \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.