On Sun, 03 Aug 2008 00:25:00 -0700, julien passed an empty day by writing:
> Hello,
> I'm using iptables to redirect all the TCP traffic to a transparent
> proxy. It seems that the rules are there:
>
> # iptables -t nat --list
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> DNAT       tcp  --  anywhere            !X.X.X.X            to:X.X.X.X:Y
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
> MASQUERADE all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> But when I do, for example, an HTTP request on port 80, it is not
> redirected to the proxy.
>
> I'm using Centos 5 on VMware
>
>
> The script I use:
> #!/bin/sh
>
> PROXY_IP="X.X.X.X"
> PROXY_PORT="Y"
> LAN="eth0"
>
> # Flush
> iptables -F
> iptables -X
> iptables -t nat -F
> iptables -t nat -X
> iptables -t mangle -F
> iptables -t mangle -X
>
> # Load modules
> modprobe ip_conntrack
> modprobe ip_conntrack_ftp
> # For win xp ftp client
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
> # Re-routing
>
> iptables -t nat -A PREROUTING -i $LAN -p tcp -d ! $PROXY_IP -j DNAT --to $PROXY_IP:$PROXY_PORT
> iptables -t nat -A POSTROUTING -j MASQUERADE
>
> Any idea what I am missing?
>
> Thank you
> Julien
After running this, doing an iptables -L shows the rules, yes?
--
I collect spam + please send it to:
(E-Mail Removed)