On 8/29/2012 1:15 PM, Pawel Mojski wrote:
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
> ip.of.my.squid:8081 i have strange error.
it means that every packet the will go to port 80 will be redirected to
squid ip+port and it means that the packets from squid are the same and
will be looped.
you should use the "-j REDIRECT instead of -j DNAT .
also I recommend you to be explicit about the interface and ip's that
will be intercepted by the proxy.
example:
iptables -t nat -A PREROUTING -i eth1 -s 192.168.1.0/24 ! -d
192.168.10.1/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8081
Regards,
Eliezer
-- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.ilReceived on Wed Aug 29 2012 - 11:21:04 MDT
This archive was generated by hypermail 2.2.0 : Wed Aug 29 2012 - 12:00:08 MDT