Hello,
Brent Clark a écrit :
Ive been trying to redirect all HTTP traffic to my newly built proxy
(squid).
But I cant seem to get it working.
Please elaborate. What's happening exactly ?
This is what I have
$IPT -t nat -A PREROUTING -i eth1 -s 192.168.111.0/24 -p tcp --dport 80
-j DNAT --to 192.168.111.9:3128
$IPT -t nat -A POSTROUTING -o eth1 -s 192.168.111.0/24 -j SNAT --to
192.168.111.10
and
$IPT -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -t filter -A FORWARD -i eth1 -o eth1 -p tcp --dport 3128 -m state
--state NEW -j ACCEPT
It seems that the proxy is in the same network as the clients. Does it
use the same gateway too ? If so, you need to set a no-DNAT exception in
PREROUTING for the proxy source address and a rule in FORWARD to allow
NEW packets from the proxy to the outside.
