Search squid archive

Re: [squid-users] Transparent proxy issues...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I even tried redirecting a non-specific port to google.com's port 80, and
still no success:
root@filter:~# iptables -t nat -A PREROUTING -p tcp -s 0/0 --dport 10000
-j DNAT --to 64.233.187.104:80
root@filter:~# telnet 127.0.0.1 10000
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
root@filter:~# telnet 64.233.187.104 80
Trying 64.233.187.104...
Connected to 64.233.187.104.
Escape character is '^]'.
^]
telnet> quit
Connection closed.

So as you can see, redirection, does not work however direct connection
does. Anyone have an idea?

Thanks.

Jon


> On Tue, 12 Apr 2005, Jon Newman wrote:
>
>> Using DNAT, via this command, still nets the same result:
>> iptables -t nat -A PREROUTING -p tcp -s x.x.x.x/32 --dport 80 -j DNAT
>> --to
>> 216.90.3.137:8080
>
> As I said it is equivalent. REDIRECT only saves you from entering the IP
> (automatic).
>
>> Any other ideas? I can't believe this is so difficult, this should be
>> simple and straight foreward...there must be something stupid I am
>> missing...PLEASE, anyone willing to point out my idiocy?
>
> Never ever had netfilter NAT fail on me.
>
> But if your intercepting router is running in "lollipop" mode (just one
> interface, next hop router on same interface as client station) then you
> may need disabling ICMP redirects.
>
> Regards
> Henrik
>


-- 
Jon Newman (jnewman@xxxxxxxxxx)
Systems Administrator/Software Engineer
The Optimal Link (http://www.oplink.net)


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux