Hi to all, I am using squid as transparent proxy. So I use iptables.Command I use is: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 I want to use such an access-list: For instance if you want a page from nework A.B.C.D/a.b.c.d, you do not use squid. It is possible doing with squid, however I need to do this with iptables. I changed my command such that: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -d ! A.B.C.D/a.b.c.d -j REDIRECT --to-port 3128 MY QUESTION is; For two networks, A.B.C.D/a.b.c.d and E.F.G.H/e.f.g.h how can I do this? iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -d ! A.B.C.D/a.b.c.d -j REDIRECT --to-port 3128 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -d ! E.F.G.H/e.f.g.h -j REDIRECT --to-port 3128 Does not work. Because, when a request comes for an ip in the network E.F.G.H/e.f.g.h, it is forwarded to squid, because of the iptabes first rule... How can I do access-list with iptables? I need help Thanks for your attention
