iptables Transparent Proxy Configuration

Neil Symons neil at goldweb.com.au
Fri Jul 26 02:06:41 EST 2002


I want to transparently redirect port 80 on a router to a proxy server,
and I have been guided to use the following lines.


iptables -t nat -A PREROUTING -i eth0 ! -s squid-box -p tcp \
	 --dport 80 -j DNAT --to squid-box:3128

iptables -t nat -A POSTROUTING -o eth0 -s local-network \
	 -d squid-box -j SNAT --to iptables-box 

iptables -A FORWARD -s local-network -d squid-box -i eth0 \
	 -o eth0 -p tcp --dport 3128 -j ACCEPT 


These all work; however, I have discovered two problems.

1) When I connect to the router's own web port I get redirected to the
proxy server, which I don't want.

and 

2) I want my proxy server to be able to connect to the real world by port
80 through the proxy server.

Can someone guide me to what other rules I need to fulfill this and the
order they have to go in?

-- Neil


-- 
+----------------------------------------------------------+
> Neil Symons <neil at goldweb.com.au>                        <
> Goldweb Internet - (02) 62530059 BH  (0500) 528932 AH    <
> ICQ / UIN: 5255597 |  http://www.goldweb.com.au/~neil/   <
+----------------------------------------------------------+
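
An added example, not part of the original post: one rule ordering that covers both problems described above, emitted by a shell function so the order can be checked before anything is loaded. The addresses are constructed placeholders for squid-box, iptables-box and local-network, and WAN_IF (eth1) is an assumption, since the post names only eth0.

```shell
#!/bin/sh
# Added example. Prints the rules in evaluation order; review, then pipe to sh as root.
LAN_IF=eth0             # interface used in the post
WAN_IF=eth1             # assumption: upstream interface, not named in the post
LAN_NET=192.0.2.0/24    # constructed, stands in for local-network
ROUTER_IP=192.0.2.1     # constructed, stands in for iptables-box
SQUID_IP=192.0.2.10     # constructed, stands in for squid-box
SQUID_PORT=3128

build_rules() {
    cat <<EOF
# Problem 1: port 80 addressed to the router itself leaves the nat chain untouched.
iptables -t nat -A PREROUTING -i $LAN_IF -d $ROUTER_IP -p tcp --dport 80 -j ACCEPT
# All other client web traffic goes to the proxy; the proxy's own requests are excluded.
iptables -t nat -A PREROUTING -i $LAN_IF ! -s $SQUID_IP -p tcp --dport 80 -j DNAT --to-destination $SQUID_IP:$SQUID_PORT
# Clients and proxy share a LAN, so replies must be forced back through the router.
iptables -t nat -A POSTROUTING -o $LAN_IF -s $LAN_NET -d $SQUID_IP -p tcp --dport $SQUID_PORT -j SNAT --to-source $ROUTER_IP
# Return packets of connections that were already accepted.
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o $LAN_IF -s $LAN_NET -d $SQUID_IP -p tcp --dport $SQUID_PORT -j ACCEPT
# Problem 2: let the proxy itself fetch from the outside world on port 80.
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $SQUID_IP -p tcp --dport 80 -j ACCEPT
EOF
}

# Position (among rules only, comments skipped) of the first rule containing $1.
rule_line() {
    build_rules | grep -v '^#' | grep -nF -e "$1" | head -n 1 | cut -d: -f1
}

# Succeeds only if the router exemption is evaluated before the redirect;
# with -A the first matching rule in a chain wins, so a later exemption is dead.
order_ok() {
    exempt=$(rule_line "-d $ROUTER_IP -p tcp --dport 80 -j ACCEPT")
    dnat=$(rule_line "-j DNAT")
    [ -n "$exempt" ] && [ -n "$dnat" ] && [ "$exempt" -lt "$dnat" ]
}

order_ok || { echo "router exemption must precede the DNAT rule" >&2; exit 1; }
build_rules
```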



