I could finally manage to bump packets from a BSD box to my squid, and
thanks to ipfw they come un-rewritten in the form
{internal_net_ip} -> {destination_ip}
This is ok. I set a simple redirect rule in the prerouting:
iptables -t nat -A PREROUTING -p tcp --dport 80 -s internal_net/mask -j REDIRECT --to-ports 80
Packets jump to my proxy and pass through.
But I get them returned in the form:
{squid_box} -> {ip_from_internal_network}
This way they are impossible to shape. How would I make such a packet
{destination_ip} -> {internal_net_ip}
by means of iptables?
Would a DNAT do the trick, and will it be hit if I have a REDIRECT target
already in the PREROUTING?
Otherwise the REDIRECT is also available in the OUTPUT chain of the nat
table.