On Mar 1 2007 07:19, dhottinger@xxxxxxxxxxxxxxxxxxxxxx wrote: > > I currently redirect all port 80 traffic to my squid proxy server with > following: > > $IPC -A TOSERVERS -p tcp --dport 8080 -d 204.111.40.10 -i $L3 -j LACCEPT > $IPC -A TOSERVERS -p tcp --dport 8080 -d 204.111.40.10 -i $L3 -j LACCEPT > $IPC -A TOSERVERS -p tcp --dport 9011:9015 -d 204.111.40.10 -i $L3 -j LACCEPT > $IPC -A TOSERVERS -p tcp --dport 10000 -d 204.111.40.10 -i $L3 -j LACCEPT > > Works great, except all of a sudden my apple computers wont do software > updates. So, I would like to not redirect traffic that is destined for > apple.com or swscan.apple.com's website. Im not quite sure of the syntax for > my rule, or if this is even possible. Any ideas? Perhaps the problem is not in the "TOSERVERS" chain but the "LACCEPT" one. Or even somewhere else in the iptables ruleset. Jan --
