I tried: sudo iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to- 8080 iptables -t nat -A POSTROUTING -s 172.20.0.0/16 -j MASQUERADE And still ended up with the same message: ERROR The requested URL could not be retrieved -------------------------------------------------------------------------------- The following error was encountered while trying to retrieve the URL: http://twinlakes.k12.wi.us/ Connection to 216.56.4.133 failed. The system returned: (110) Connection timed out The remote host or network may be down. Please try the request again. Your cache administrator is webmaster. -------------------------------------------------------------------------------- Generated Wed, 27 Apr 2011 12:46:38 GMT by localhost (squid/2.7.STABLE9) On Wed, Apr 27, 2011 at 7:17 AM, Vigneswaran R <vignesh@xxxxxxxxxxx> wrote: > On 04/27/2011 04:56 PM, Mike Hendrie wrote: >> >> Thanks for the response. Once I implemented your suggestion, I get the >> following error when trying to access the school's website from WITHIN >> the LAN. Why can it not find the URL? >> >> ERROR >> >> The requested URL could not be retrieved >> >> The following error was encountered while trying to retrieve the URL: >> http://www.twinlakes.k12.wi.us/ >> >> Connection to 216.56.4.133 failed. >> The system returned: (110) Connection timed out > > I assume that you want to give access to the Internet for all the machines > in the LAN, through your "PROXY" server. ie., making the server an Internet > Gateway. > > If so, the following should work, > > iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE > > Here, replace the 192.168.1.0/24 with the correct IP address range used in > your LAN. Please ensure that all the machines have the default route > pointing to the server. > > This allows, all kinds of traffic like http, ftp, ssh etc., to the public > sites. If necessary, add further iptables rules to restrict this. Hope this > helps. > > > Regards, > Vignesh > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
