Interception Proxy / Policy Based Routing

Greetings List,

I am using policy based routing to get HTTP traffic to my proxy.
Basically, as network traffic traverses my router, the policy inspects
the packets to see if they are tcp/80 and, if so, sends it on to my
proxy.

I then have iptables running on the proxy server (RH EL ES 3) to change
the port from tcp/80 to tcp/3128:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128



This all works great.

Now I am trying to add some of the other ports that http(s) may use,
namely tcp/443.

So I add that to my router policy (and verify that the traffic is
getting to my proxy with tcpdump) and add this to my iptables:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 3128

Now iptables -t nat -L says this:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere           tcp dpt:http redir ports 3128
REDIRECT   tcp  --  anywhere             anywhere           tcp dpt:https redir ports 3128

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination



The problem is, https traffic doesn't go through the proxy.  If I
manually configure my proxy settings on my browser, it does work fine.

Any suggestions for what could be going wrong and how to fix it?

Thanks in advance,

Grant
---------
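
An added example, not part of the original message or of Squid: it classifies the first bytes a client sends in the three cases the message describes (tcp/80 redirected, tcp/443 redirected, and https with the proxy set manually in the browser), showing that only the redirected tcp/443 connection opens with a TLS record instead of an HTTP request line. The host name www.example.com, the function names and the sample byte strings are constructed for illustration.

```python
# Added example (not from the original post). Sample byte strings are constructed.
import re

HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"CONNECT"}

# What a browser sends when port 80 traffic is redirected to the proxy port.
REDIRECTED_80 = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
# What a browser sends for an https:// URL when a proxy is configured manually.
EXPLICIT_PROXY_443 = (b"CONNECT www.example.com:443 HTTP/1.1\r\n"
                      b"Host: www.example.com:443\r\n\r\n")
# What a browser sends when it believes it is talking to the origin on tcp/443:
# a TLS record (truncated, constructed ClientHello header plus zero padding).
REDIRECTED_443 = bytes.fromhex("160301002e0100002a0303") + bytes(32)


def classify_first_bytes(data: bytes) -> str:
    """Label the opening bytes of a client connection."""
    # TLS record: content type 0x16 (handshake), major version 0x03,
    # two length bytes, then handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03 and data[5] == 0x01:
        return "tls-client-hello"
    request_line = data.split(b"\r\n", 1)[0]
    match = re.fullmatch(rb"([A-Z]+) (\S+) HTTP/1\.[01]", request_line)
    if match and match.group(1) in HTTP_METHODS:
        return "http-connect" if match.group(1) == b"CONNECT" else "http-request"
    return "unknown"


def plaintext_http_port_can_parse(data: bytes) -> bool:
    """True if a listener that expects an HTTP request line can read this."""
    return classify_first_bytes(data).startswith("http-")


if __name__ == "__main__":
    for label, sample in [("tcp/80 redirected", REDIRECTED_80),
                          ("tcp/443 via manual proxy setting", EXPLICIT_PROXY_443),
                          ("tcp/443 redirected", REDIRECTED_443)]:
        print(f"{label:34} {classify_first_bytes(sample):17} "
              f"parseable={plaintext_http_port_can_parse(sample)}")
```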