Hi List
I have a Linux box that allows LAN users with local IP addresses to access the Internet using the following IPtables-based shell script. I have a basic understanding of IPtables and have done some reading on how to forward all dport 80 traffic to a separate box that runs a caching server (Squid in my case). Can someone help me with changes to the existing setup:
--> to forward all the traffic to the squid port (say 8080) on a separate box; or
--> to a local port (say 4000) running transproxy that simply forwards all the requests coming to local:4000 on to the squid box at port 8080.

#!/bin/sh
# Set up default policies
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Flush all tables
iptables -F
iptables -t nat -F
iptables -t mangle -F

# NAT
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j SNAT --to-source 202.xx.xxx.xx

# Forward all traffic for Local Network
iptables -t filter -A FORWARD -s 192.168.1.0/24 -j ACCEPT
iptables -t filter -A FORWARD -d 192.168.1.0/24 -j ACCEPT

# Enable IP forwarding.
echo "1" > /proc/sys/net/ipv4/ip_forward

Also, please guide me to a good document on IPtables.
Thanks in advance
Charan
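
The two redirection options asked about above, as an added example that is not part of the original post. It assumes the LAN interface is eth1, the Squid box is 192.168.1.10 on the same LAN as the clients, and the router's LAN address is 192.168.1.1 (none of these are given in the post); the rules are only printed unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the original post. All four defaults are assumptions.
LAN_IF="${LAN_IF:-eth1}"                      # LAN-facing interface (assumed)
LAN_NET="${LAN_NET:-192.168.1.0/24}"          # LAN subnet, as in the post
SQUID_IP="${SQUID_IP:-192.168.1.10}"          # Squid box (assumed address)
ROUTER_LAN_IP="${ROUTER_LAN_IP:-192.168.1.1}" # router's LAN address (assumed)

# Print the nat-table rules for one option:
#   remote = DNAT port 80 to Squid at port 8080 on the separate box
#   local  = REDIRECT port 80 to transproxy listening on local port 4000
proxy_rules() {
    case "$1" in
    remote)
        # Squid's own fetches to port 80 must skip the DNAT rule,
        # otherwise they are sent straight back to Squid (a loop).
        echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $SQUID_IP -p tcp --dport 80 -j ACCEPT"
        echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $LAN_NET -p tcp --dport 80 -j DNAT --to-destination $SQUID_IP:8080"
        # Squid shares the clients' subnet, so it would answer them directly
        # and bypass the NAT state. Rewriting the source forces replies back
        # through the router; Squid then logs the router as the client.
        echo "iptables -t nat -A POSTROUTING -o $LAN_IF -s $LAN_NET -d $SQUID_IP -p tcp --dport 8080 -j SNAT --to-source $ROUTER_LAN_IP"
        ;;
    local)
        # Delivered to the router itself, so the INPUT chain must allow it
        # (the script's INPUT policy is ACCEPT).
        echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $LAN_NET -p tcp --dport 80 -j REDIRECT --to-ports 4000"
        ;;
    *)
        echo "usage: proxy_rules remote|local" >&2
        return 1
        ;;
    esac
}

# Dry run by default; APPLY=1 executes each rule (needs root).
apply_rules() {
    rules=$(proxy_rules "$1") || return 1
    echo "$rules" | while read -r rule; do
        if [ "${APPLY:-0}" = "1" ]; then $rule; else echo "$rule"; fi
    done
}

# Stand-alone use: ./script remote   or   ./script local
if [ "${1:-}" = "remote" ] || [ "${1:-}" = "local" ]; then
    apply_rules "$1"
fi
```

In the script above, these rules belong after the flush lines, since "iptables -t nat -F" would otherwise remove them.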