Hello
on server B:
iptables -t nat -A PREROUTING -i <lan_iface> -s <lan_users_subnet> -p tcp --dport 80 -j DNAT --to <squid_box>:80
iptables -t nat -A POSTROUTING -o <out_iface_connected_to_switch> -d <squid_box> -p tcp --dport 80 -j SNAT --to <wan_iface>
on server A:
iptables -t nat -A PREROUTING -s <server_A_wan_ip> -p tcp --dport 80 -j REDIRECT --to 8080
>>>Basia Nowak <basiamnowak@xxxxxxxxxxx> 06/04/05 1:08 pm >>>
Hi,
--- azeem ahmad <azeem81@xxxxxxx> wrote:
>give some details. which server is connected to
>internet??? with which ur
>lan clients connect, do clients connect to ur
>router???? and u have proxy on
>server A and NAT on server B. do u want ur clients
>request coming through ur
>LAN router to be redirected to ur proxy server A.
OK. Once again.
I have server 'A' and server 'B'. Both had public IP
address (PI status from RIPE NCC).
Server 'A' and server 'B' is connected via switch to
router WAN.
S 'A' ----> Switch <---- S 'B'
^
|
WAN ---------+
So, directly connected to internet is 'A' & 'B'.
Its world access.
Now: On server 'A' (and ONLY) I make squid 2.4 proxy
server.
On server 'B' I make NAT router. People are connected
to internet via server 'B'. Now... I want to force
proxy server on server 'B' from 'A'.
I cannont use simple redir on port with iptables
because these are no any proxy on server 'A'.
Machine on server 'A' is 10x better from machine on
server 'B'. I cannont make NAT on server 'A'.
I make proxy config to make transparent proxy and
proxy works on 8080 port.
Now only 1% users use my proxy ;/
--
I greet
Barbara
___________________________________________________________
How much free photo storage do you get? Store your holiday
snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
