[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables redir of 80 to 8080

On Fri, Jan 04, 2002 at 10:22:32AM +0100, martin f krafft wrote:
| also sprach Petre Daniel <dani@cyber.ro> [2002.01.04.1457 +0100]:
| > how can i redirect the 80 port to 8080,like i want all clients that try to 
| > browse web pages to collect data from my squid.. instead of direct access..?
| > thx..
| 
| you do need to configure squid as a transparent proxy, you know that,
| right?
| 
| other than that:
| 
| iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
| 
| on the proxy if traffic is passing through the proxy already, or if
| traffic is going through a router, and the proxy is at 1.2.3.4
| 
| iptables -t nat -A PREROUTING -p tcp --dport 80 -s ! 1.2.3.4 \
|   -j DNAT --to-destination 1.2.3.4:8080

martin : thanks for the tips so far.


Is it possible to :
    have a web server running on a machine (call it 'A').
    machine 'A' is also the gateway masquerading connections from the
        LAN to the DSL provider
    have 'A' transparently proxy all HTTP requests from the LAN and
        'A' through squid
    still allow the LAN and 'A' to access pages coming from 'A'

It's that last criteria that seems sticky to me.  I don't care if
squid proxies to the local apache or not.  Perhaps squid could use the
external interface (since only the lan and loopback ifaces would be
redirected to the proxy) to access the local apache?

TIA,
-D

-- 

A violent man entices his neighbor
and leads him down a path that is not good.
        Proverbs 16:29
Reply to: