Re: Transparent Proxy & IPtables

On Tue, May 14, 2002 at 05:25:51PM -0300, Tiago Fioreze wrote:
>           
>      --> IPTables:
> 
>           iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:8080
>           iptables -A FORWARD -s local-network -d squid-box -i eth0 -o eth0 -p tcp --dport 8080 -j ACCEPT
> 
> 
>      The problem:
> 
>           The iptables changes the destination (from anywhere:80 to
> squid-box:8080), but the SQUID didn't receive any packets on port 8080.
>           


Try this:

iptables -t nat -A PREROUTING -p tcp -i $INET_IFACE --dport $SRPORT -j DNAT --to-destination $HOST:$DESTPORT
iptables -t filter -A FORWARD -p tcp -d $HOST --dport $DESTPORT -j ACCEPT

And use tcpdump to see what is happening.

Hope this helps.

-- 
David Correa
Public Key http://www.linux-tech.com/linuxtech.asc
Key fingerprint 7F2C E072 479D 71B4 008B 373E A284 8CDE 7659 F5D8