On Mon, Jan 4, 2010 at 10:38, Kenneth Sande <sandekt@xxxxxxxxxx> wrote:
> I do it this way for my one internal subnet. There may be more and better
> options, but this works for me.
>
> "iptables -t nat -A PREROUTING -i ${INT_INTERFACE} -s ${INT_NETWORK} -p tcp
> --dport 80 --sport 1024:65535 -m state --state NEW,ESTABLISHED,RELATED -j
> REDIRECT --to-port 3128"
>
> Squid must also be set up to accept transparent connections.

Thanks. Now for another question. I have about a dozen workstations that I want to bypass squid (they are in the same subnet as the workstations that I want traffic sent through squid). Reading squid's documentation, they recommend that this be done at the client end or via iptables. What's the rule to allow these hosts to bypass squid?

--
Aaron Clausen
mightymartianca@xxxxxxxxx
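One way to express the per-host exemption asked about above, as an added example that is not part of the original thread: it assumes the bypass is done with ACCEPT rules placed ahead of the quoted REDIRECT rule in the nat PREROUTING chain. The function names, the interface `eth1` and the addresses are constructed for illustration; the script only prints rules and applies nothing.

```shell
#!/bin/sh
# Added example: emit nat-table rules that exempt listed hosts from the
# transparent-proxy REDIRECT quoted in the thread. Nothing is applied; the
# rules are printed in iptables-restore format so they can be reviewed first.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255, so a
# typo or stray token in the host list cannot end up inside a rule.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_nat_rules IFACE NETWORK HOST...: bypass hosts first, REDIRECT last.
# ACCEPT in nat PREROUTING ends traversal of that chain for the packet, so
# exempted hosts never reach the REDIRECT rule below them.
gen_nat_rules() {
    iface=$1; network=$2; shift 2
    # Validate the whole list before printing anything: a bad entry must
    # not leave a half-written rule set behind.
    for host in "$@"; do
        valid_ipv4 "$host" || { echo "invalid bypass host: $host" >&2; return 1; }
    done
    echo '*nat'
    for host in "$@"; do
        echo "-A PREROUTING -i $iface -s $host -p tcp --dport 80 -j ACCEPT"
    done
    echo "-A PREROUTING -i $iface -s $network -p tcp --dport 80 --sport 1024:65535 -m state --state NEW,ESTABLISHED,RELATED -j REDIRECT --to-port 3128"
    echo 'COMMIT'
}

# Constructed sample: two exempt workstations inside the proxied subnet.
gen_nat_rules eth1 192.168.1.0/24 192.168.1.10 192.168.1.11
```

Rule order is what makes the exemption work: if the REDIRECT rule is already loaded, the ACCEPT rules have to be inserted above it rather than appended after it.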