Search squid archive

RE: client ip's

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The rule I use to redirect traffic from 80 to 8080 is:
I must remember, this was working before 3.0 stable1 or stable2 (not using
stable2), I just saw this was happening now.

iptables -t nat -A PREROUTING -s 192.168.1.0/24 -p tcp --dport 80 -j DNAT
--to-destination 192.168.1.1:8080


cisne:~# iptables-save -t nat
# Generated by iptables-save v1.4.0 on Wed Apr  2 17:12:25 2008
*nat
:PREROUTING ACCEPT [35:1650]
:POSTROUTING ACCEPT [10307:1367320]
:OUTPUT ACCEPT [66427:4357431]
-A PREROUTING -d 193.164.158.105/32 -j DROP
-A PREROUTING -i eth1 -p tcp -m tcp --dport 5111 -j DNAT --to-destination
192.168.1.11:5900
-A PREROUTING -i eth1 -p tcp -m tcp --dport 5901 -j DNAT --to-destination
192.168.1.2:5900
-A PREROUTING -i eth1 -p tcp -m tcp --dport 5969 -j DNAT --to-destination
192.168.1.3:5900
-A PREROUTING -i eth1 -p tcp -m tcp --dport 3389 -j DNAT --to-destination
192.168.1.204:3389
-A PREROUTING -s 192.168.1.0/24 -p tcp -m tcp --dport 80 -j DNAT
--to-destination 192.168.1.1:8080
-A PREROUTING -p gre -j ACCEPT
-A PREROUTING -p icmp -j ACCEPT
-A PREROUTING -p ah -j ACCEPT
-A PREROUTING -p udp -m udp --dport 53 -j ACCEPT
-A PREROUTING -p udp -m udp --dport 500 -j ACCEPT
-A PREROUTING -p udp -m udp --dport 1723 -j ACCEPT
-A PREROUTING -p udp -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 20 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 21 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 22 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 23 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 25 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 43 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 79 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 123 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 143 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 443 -j ACCEPT
-A PREROUTING -d 80.172.172.34/32 -p tcp -m tcp --dport 444 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 1723 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 1863 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 3306 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 3389 -j ACCEPT
-A PREROUTING -d 80.172.172.34/32 -p tcp -m tcp --dport 5000 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 5190 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 5900 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 5901 -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 6667 -j ACCEPT
-A PREROUTING -s 192.168.1.0/24 -d 192.168.1.206/32 -p tcp -m tcp --dport
8888 -j ACCEPT
-A PREROUTING -d 192.168.1.1/32 -p tcp -m tcp --dport 8080 -j ACCEPT
-A PREROUTING -i eth1 -p tcp -m tcp --dport 30106 -j DNAT --to-destination
192.168.1.224:30106
-A PREROUTING -s 192.168.1.0/24 -p tcp -m tcp --dport 62500:63500
--tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A PREROUTING -j DROP
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Completed on Wed Apr  2 17:12:26 2008

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx] 
Sent: quarta-feira, 2 de Abril de 2008 11:42
To: Jorge Bastos
Cc: squid-users@xxxxxxxxxxxxxxx
Subject: RE:  client ip's

WHat do your iptables NAT rules look like?

iptables-save -t nat

ons 2008-04-02 klockan 09:18 +0100 skrev Jorge Bastos:
> Transparent proxy
> 
> Squid running on: 8080
> And I forward 80 => 8080 (squid) => web
> 
> My iptables rules are intact, I believe it was from 3.0 stable 1 or 2 that
> this started to happen.
> 
> 
> 
> 
> > -----Original Message-----
> > From: Henrik Nordstrom [mailto:henrik@xxxxxxxxxxxxxxxxxxx]
> > Sent: quarta-feira, 2 de Abril de 2008 0:12
> > To: Jorge Bastos
> > Cc: squid-users@xxxxxxxxxxxxxxx
> > Subject: RE:  client ip's
> > 
> > tis 2008-04-01 klockan 12:29 +0100 skrev Jorge Bastos:
> > > No, just squid himself.
> > 
> > As a plain proxy, or playing with NAT?
> > 
> > Regards
> > Henrik
> 



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux