William Bohannan wrote:
Trying to use the policy drop rule with the bridged firewall, when I
removed the first line the transparent proxy works great? It seems a
bit strange as from reading several articles on it I thought the
following occurs.
1st line - if it doest match it gets dropped on the local filter input.
2nd line - redirects the traffic off the link layer into the network
layer ready for line 3.
3rd line - redirects the port 80 to 8080 and then goes to the local
process (squid) through the input filter
4th line - input filter accepts the traffic over riding the global
reject policy.
iptables -P INPUT DROP
ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6
--ip-destination-port 80 -j redirect --redirect-target ACCEPT
iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT
--to-port 8080
iptables -A INPUT -p tcp --dport 80 -m physdev --physdev-in eth1
--physdev-out eth0 -j ACCEPT
Any help would be most welcome.
Kind Regards
William
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
The 4th line should look for packets on dport 8080 instead of 80
-Jasbir
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc