Hi,
I have a bridge on a openwrt box:
bridge name bridge id STP enabled interfaces
br-lan 8000.00212968312a no eth0.0
wlan0
I have the following rules in the nat table:
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 zone_lan_prerouting all -- br-lan * 0.0.0.0/0
0.0.0.0/0
1 60 prerouting_rule all -- * * 0.0.0.0/0
0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 zone_lan_nat all -- * br-lan 0.0.0.0/0
0.0.0.0/0
0 0 postrouting_rule all -- * * 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain postrouting_rule (1 references)
pkts bytes target prot opt in out source
destination
Chain prerouting_lan (1 references)
pkts bytes target prot opt in out source
destination
Chain prerouting_rule (1 references)
pkts bytes target prot opt in out source
destination
1 60 DNAT tcp -- br-lan * !200.69.213.193
0.0.0.0/0 tcp dpt:80 to:x.x.x.x:8080
Chain zone_lan_nat (1 references)
pkts bytes target prot opt in out source
destination
Chain zone_lan_prerouting (1 references)
pkts bytes target prot opt in out source
destination
0 0 prerouting_lan all -- * * 0.0.0.0/0
0.0.0.0/0
Where x.x.x.x is a remote proxy
And my ebtables rules on broute table is as follows:
Bridge table: broute
Bridge chain: BROUTING, entries: 1, policy: ACCEPT
-p IPv4 --ip-proto tcp --ip-dport 80 -j redirect , pcnt = 1251 -- bcnt = 75060
The problem is that interception proxy (aka transparent proxy) is not
working. Of course it works is I add by hand at browers settings....
Please could you help me?
--
--
Sergio Belkin http://www.sergiobelkin.com
Watch More TV http://sebelk.blogspot.com
LPIC-2 Certified - http://www.lpi.org
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
