Re: redirect

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Quoting Georgi Alexandrov <georgi.alexandrov@xxxxxxxxx>:

dhottinger@xxxxxxxxxxxxxxxxxxxxxx wrote:
Quoting Georgi Alexandrov <georgi.alexandrov@xxxxxxxxx>:

dhottinger@xxxxxxxxxxxxxxxxxxxxxx wrote:
I currently redirect all traffic on port 80 to my proxy server with
$IPC -t nat -A PREROUTING -p tcp -i ! $IF --dport 80    -s !
204.111.40.0/24 -d ! 204.111.40.0/24 -j DNAT --to-destination
$PROXY_IP:8080

I would like to have any traffic destined for apple.com excluded from
this redirect.  I cant seem to get the syntax right.  Anyone got any
ideas?
<snip*>

iptables -t nat -A PREROUTING -p tcp -i $iface --dport 80 -d $apples_net
-j RETURN

iptables -t nat -A PREROUTING -p tcp -i $iface --dport 80 -d
$another_not_to_proxy_network -j RETURN

iptables -t nat -A PREROUTING -p tcp -i $iface --dport 80 -j DNAT --to
$proxy:$port
<snip*>

Never mind.  Doesnt seem to be working.  Any other ideas?

What's not working?

--
regards,
Georgi Alexandrov

key server - pgp.mit.edu :: key id - 0x37B4B3EE
Key fingerprint = E429 BF93 FA67 44E9 B7D4  F89E F990 01C1 37B4 B3EE



$IPC -t nat -A PREROUTING -p tcp -i $IF --dport 80 -d 17.250.0.0
-j RETURN

Is not routing apple.com traffice away from my proxy. Apple.com traffic is still getting routed to proxy server. I have the rule placed above my dnat rule for the proxy. Any other ideas?

thanks,
ddh
--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux