On Friday 30 April 2004 7:45 pm, Rhaoni Chiu Pereira wrote:

> Hi List,
>
> I must implement a few firewall rules but I'm a little bit lost. I use a
> transparent proxy with this following rule:
>
> IPTABLES -t nat -A PREROUTING -p tcp -i eth1 -s 192.168.0.0/16 -d !
> 192.168.0.0/16 --dport 80 -j REDIRECT --to-port 3128
>
> The -d parameter is because I have a few VPN's and my squid uses a
> tcp_outgoing_address, so ... Now I must create some exceptions for two IP's
> more than the 192.168.0.0/16 net but I don't know how ... any ideas ?

# the user-defined chain has to be created in the nat table
iptables -t nat -N mytable
iptables -t nat -A PREROUTING -p tcp -i eth1 -s 192.168.0.0/16 --dport 80 -j mytable
# exempt destinations: RETURN hands the packet back to PREROUTING unredirected
iptables -t nat -A mytable -d 192.168.0.0/16 -j RETURN
iptables -t nat -A mytable -d 129.37.0.113 -j RETURN
iptables -t nat -A mytable -d 32.97.118.242 -j RETURN
# everything else goes to the proxy (REDIRECT with a port needs -p tcp on the rule)
iptables -t nat -A mytable -p tcp -j REDIRECT --to-ports 3128

Regards,

Antony.

-- 
These clients are often infected by viruses or other malware and need to be
fixed. If not, the user at that client needs to be fixed...

 - Henrik Nordstrom, on Squid users' mailing list

Please reply to the list; please don't CC me.
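To check offline which destinations the exception chain lets through before loading it, the first-match traversal can be modelled. This is an added example, not part of the original message: it models only the interface, protocol, address and port matches and the RETURN/REDIRECT targets, with all three exemptions matching on destination, and the default packet fields in `nat_verdict` are constructed sample values.

```python
import ipaddress

def net(cidr):
    return ipaddress.ip_network(cidr)

# (match, target) pairs modelling the nat-table rules from the reply above.
CHAINS = {
    "PREROUTING": [
        ({"proto": "tcp", "iface": "eth1", "src": net("192.168.0.0/16"),
          "dport": 80}, "mytable"),
    ],
    "mytable": [
        ({"dst": net("192.168.0.0/16")}, "RETURN"),
        ({"dst": net("129.37.0.113/32")}, "RETURN"),
        ({"dst": net("32.97.118.242/32")}, "RETURN"),
        ({"proto": "tcp"}, "REDIRECT:3128"),
    ],
}

def matches(match, pkt):
    """True when every criterion in the rule matches the packet."""
    for key, want in match.items():
        if key in ("src", "dst"):
            if ipaddress.ip_address(pkt[key]) not in want:
                return False
        elif pkt[key] != want:
            return False
    return True

def traverse(chain, pkt):
    """First-match walk; None means RETURN or end of chain."""
    for match, target in CHAINS[chain]:
        if not matches(match, pkt):
            continue
        if target == "RETURN":
            return None
        if target in CHAINS:
            verdict = traverse(target, pkt)
            if verdict is not None:
                return verdict
            continue  # back in the calling chain, resume at the next rule
        return target
    return None

def nat_verdict(dst, src="192.168.1.10", dport=80, iface="eth1", proto="tcp"):
    """Verdict for one packet; default fields are constructed sample values."""
    pkt = {"src": src, "dst": dst, "dport": dport, "iface": iface, "proto": proto}
    # Falling off the end of PREROUTING leaves the packet un-NATed (policy ACCEPT).
    return traverse("PREROUTING", pkt) or "ACCEPT"
```
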