On Tue, Jan 15, 2008 at 03:08:55PM -0200, Eduardo M KALINOWSKI wrote: > Alex Samad wrote: >> On Tue, Jan 15, 2008 at 08:11:34AM -0200, Eduardo M KALINOWSKI wrote: >> >>> Alex Samad wrote: >>> [snip] > > Well, this solution is far more complicated than what I wanted, so I took a > look at iptables' manpage and discovered that matching can be done based on > the UID that is running the process, so the idea is to let requests made by > user 'proxy' through, and redirect all others to the proxy. This accounts > to the two lines > > iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner proxy -j > ACCEPT > iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 3128 I think there is a caveat it only works on non smp boxes ! > > > > -- > Well, it's hard for a mere man to believe that woman doesn't have equal rights. > -- Dwight D. Eisenhower > > Eduardo M KALINOWSKI > ekalin@gmail.com > http://move.to/hpkb > > > -- > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a > subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > > -- "One of the most meaningful things that's happened to me since I've been the governor -- the president -- governor -- president. Oops. Ex-governor. I went to Bethesda Naval Hospital to give a fellow a Purple Heart, and at the same moment I watched him--get a Purple Heart for action in Iraq - and at that same - right after I gave him the Purple Heart, he was sworn in as a citizen of the United States - a Mexican citizen, now a United States citizen." - George W. Bush 01/09/2004 Washington, DC
Attachment:
signature.asc
Description: Digital signature