Re: Problems removing rules

On Thursday 1 May 2003 02:07, Intercomax wrote:
> I'm having a huge problem:
>
> I have those rules:
>
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> DNAT       tcp  --  anywhere             anywhere             tcp dpt:www to:192.168.0.1:80
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
> MASQUERADE  all  --  anywhere             anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> I inserted iptables -t nat -I PREROUTING -s xxx.xxx.xxx.xxx -j RETURN
>
> OK. The rules work fine.
>
> Then I removed the RETURN
> iptables -t nat -D PREROUTING -s xxx.xxx.xxx.xxx -j RETURN
> and... The IP still accesses some pages that it accessed before!
>
> Why?
>
> I need to redirect all internal requests to a specific page and then,
> after a login, masquerade them to the Internet...
>
> That's it.
>
> Thanks in advance.
>
> Maurício S. Mudrik

As far as I can see from your rules, you're running a web server on
192.168.0.1:80, not specifically a rule to apply local access to the Internet.

But when I look at the POSTROUTING chain, I miss something, namely your output
interface! Like this:
Chain POSTROUTING (policy DROP)
num  pkts bytes target        prot       opt      in   out     source      destination
  *        *     * MASQUERADE  all  --  *         *    eth0    0.0.0.0/0   0.0.0.0/0

What about that login? I think Squid could do something like that, so you
have to use a proxy for that.

Pascal
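
The point about the missing output interface can be checked mechanically. The following is an added example, not part of the original thread: a shell function that reads rules in `iptables -t nat -S` format and prints every MASQUERADE rule that names no output interface. The function names and the sample rule set are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag MASQUERADE rules that name no output interface
# (-o / --out-interface) in `iptables -t nat -S` style output.

# Constructed sample rule set in `iptables -t nat -S` format
# (illustrative only, not taken from the original post).
sample_rules() {
cat <<'EOF'
-P PREROUTING ACCEPT
-P POSTROUTING ACCEPT
-P OUTPUT ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:80
-A POSTROUTING -j MASQUERADE
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
EOF
}

# Reads rules on stdin; prints each appended (-A) rule whose target is
# MASQUERADE and which carries no -o / --out-interface match.
masq_without_out_if() {
    awk '
        $1 == "-A" {
            masq = 0; outif = 0
            for (i = 3; i <= NF; i++) {
                if (($i == "-j" || $i == "--jump") && $(i + 1) == "MASQUERADE")
                    masq = 1
                if ($i == "-o" || $i == "--out-interface")
                    outif = 1
            }
            if (masq && !outif)
                print
        }
    '
}

# On a live system (as root): iptables -t nat -S | masq_without_out_if
sample_rules | masq_without_out_if
```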


