Hello ! You can use something like that: iptables -I PREROUTING -t nat -s 192.168.0.10 -p tcp --dport 80 -j DNAT --to 192.168.0.3:3128 iptables -I PREROUTING -t nat -s 192.168.0.10 -p tcp --dport 3128 -j DNAT --to 192.168.0.3:3128 If you have iprange compiled for iptables you can use: iptables -I PREROUTING -t nat -m iprange --src-range 192.168.0.10-192.168.0.20 -p tcp --dport 80 -j DNAT --to 192.168.0.3:3128 iptables -I PREROUTING -t nat -m iprange --src-range 192.168.0.10-192.168.0.20 -p tcp --dport 3128 -j DNAT --to 192.168.0.3:3128 I hope this can help, Leandro 2006/3/11, Nilesh <niluforalways@xxxxxxxxx>: > Dear all, > > I have two squid proxy servers and two ISP > > 1) 192.168.0.1 port 3128 > 2) 192.168.0.3 port 3128 > > We have around 70 comps assigned IP's between > 192.168.0.4 to 192.168.0.250 > The default proxy we are using is 192.168.0.1 which is > on the ISP 1. > Now I have configured 192.168.0.3 squid proxy server > on ISP 2 line. > Both ISP 1 and ISP 2 are landing (connected) on the > same Switch. > > Now I want setup the request coming from IP range > (192.168.0.10 to 192.168.0.20) for the > 192.168.0.1:3128 > Will be forward to 192.168.0.3:3128 > So the users from this IP range will access only > 192.168.0.3 proxy server. > > Could any one please help me which rules should I use > in IPTABLES . > > I have attached herewith my rc.firewall file. > > Please help me. > > Regards > Nilesh. > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam > protection around > http://mail.yahoo.com > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > >
