On Mon, 18 Oct 2004 at 04:19, J Kim wrote:
> Hello all,
>
> I'm running a squid at port 3128 as a transparent proxy.
>
> There are requests coming directly to 3128 port and
> those coming to 80 port and then redirected to 3128 by
> following rule:
>
> -t nat -A PREROUTING -i eth0 -p tcp -m tcp \
>    --dport 80 -j REDIRECT --to-ports 3128
>
> What I want is block direct requests to 3128, allowing
> redirected access (transparent proxy) only. How do I do it?
>
> If I just set up a rule in filter chain like:
>
> -t filter -A INPUT -i eth0 -p tcp -m tcp \
>    --dport 3128 -j DROP
>
> Those requests redirected from port 80 to 3128 are also
> blocked by this rule. It seems that the redirected packets
> come in to this chain once again with the new port number.
>
> How can I differentiate these two different kinds of
> request? Any clue will be greatly appreciated.
>
> Jinsuk Kim

Insert your DROP rule in the nat table, in the PREROUTING chain
before the rule that does the redirect.

--
Jose Maria Lopez Hernandez
Technical Director of bgSEC
jkerouac@xxxxxxxxx
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
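
The two rule placements discussed in this thread, compared in an added example that is not part of either message: a toy Python model (not real iptables) of first-match traversal through nat PREROUTING and then filter INPUT. The rule dictionaries and function names are constructed for illustration, and only the first packet of a connection is modelled.

```python
# Added illustration: a toy model of netfilter rule traversal, not real iptables.
# It follows the first packet of a TCP connection arriving on eth0 through
# nat/PREROUTING and then filter/INPUT, using first-match rule evaluation.

REDIRECT_80 = {"dport": 80, "target": "REDIRECT", "to_port": 3128}
DROP_3128 = {"dport": 3128, "target": "DROP"}


def run_chain(rules, dport):
    """Return (verdict, dport) after the first matching rule, or ACCEPT policy."""
    for rule in rules:
        if rule["dport"] != dport:
            continue
        if rule["target"] == "DROP":
            return "DROP", dport
        if rule["target"] == "REDIRECT":
            # REDIRECT rewrites the destination port and ends chain traversal.
            return "ACCEPT", rule["to_port"]
    return "ACCEPT", dport


def traverse(nat_prerouting, filter_input, dport):
    """Verdict for a packet sent to `dport`, as seen by the local proxy host."""
    verdict, dport = run_chain(nat_prerouting, dport)
    if verdict == "DROP":
        return "DROP"
    # filter/INPUT runs after NAT, so it only ever sees the rewritten port.
    verdict, _ = run_chain(filter_input, dport)
    return verdict


def compare():
    """Verdicts for direct (3128) and redirected (80) clients per ruleset."""
    rulesets = {
        # The question's attempt: DROP in filter/INPUT.
        "filter_input_drop": ([REDIRECT_80], [DROP_3128]),
        # The reply's suggestion: DROP in nat/PREROUTING, ahead of the REDIRECT.
        "prerouting_drop_first": ([DROP_3128, REDIRECT_80], []),
    }
    return {
        name: {"direct_3128": traverse(nat, flt, 3128),
               "via_80": traverse(nat, flt, 80)}
        for name, (nat, flt) in rulesets.items()
    }


if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```

Later iptables releases refuse `-j DROP` in the nat table; the same original-port test can be placed in mangle PREROUTING, which also runs before the REDIRECT rewrites the port.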