Find the answer to your Linux question:
Results 1 to 4 of 4
iptables -t nat -A PREROUTING -p tcp -s 192.168.0.0/16 --dport 80 -j REDIRECT --to-port 3128 ihave added this rule to redirect all my http request to port 3128 but its ...
  1. 03-27-2003 #1
    l_linuxguru
    l_linuxguru is offline
    Just Joined!
    Join Date
    Mar 2003
    Posts
    36

    iptable and redirect



    iptables -t nat -A PREROUTING -p tcp -s 192.168.0.0/16 --dport 80 -j REDIRECT --to-port 3128
    ihave added this rule to redirect all my http request to port 3128 but its not working.
    plz help.
    Reply With Quote Reply With Quote
  2. 03-28-2003 #2
    wassy121
    wassy121 is offline
    Linux Enthusiast
    Join Date
    Jun 2002
    Location
    San Antonio
    Posts
    621
    that probably does exactly what you told it to:
    Code:
    iptables -t nat
    will add this rule to the "nat" table
    Code:
    -A PREROUTING -p tcp -s 192.168.0.0/16
    will make this rule happen before it is routed through the box, and will act on all TCP requests that come from 192.168.0.0/16 (which is your internal network)
    Code:
    --dport 80 -j REDIRECT --to-port 3128
    will assure that packets going to port 80 of the destination will redirect to port 3128.

    So you are saying that when an internal client (like the computer you type at) tries to go to "hotmail.com" it is redirected to "hotmail.com:3128". Is this what you want?
    I respectfully decline the invitation to join your delusion.
    Reply With Quote Reply With Quote
  3. 03-29-2003 #3
    l_linuxguru
    l_linuxguru is offline
    Just Joined!
    Join Date
    Mar 2003
    Posts
    36
    Quote Originally Posted by wassy121
    that probably does exactly what you told it to:
    Code:
    iptables -t nat
    will add this rule to the "nat" table
    Code:
    -A PREROUTING -p tcp -s 192.168.0.0/16
    will make this rule happen before it is routed through the box, and will act on all TCP requests that come from 192.168.0.0/16 (which is your internal network)
    Code:
    --dport 80 -j REDIRECT --to-port 3128
    will assure that packets going to port 80 of the destination will redirect to port 3128.

    So you are saying that when an internal client (like the computer you type at) tries to go to "hotmail.com" it is redirected to "hotmail.com:3128". Is this what you want?

    my proxy server add is 192.168.23.1(internal) iwant all the client request to redirect to it on port 3128.
    Reply With Quote Reply With Quote
  4. 03-30-2003 #4
    Dolda2000
    Dolda2000 is offline
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Quote Originally Posted by wassy121
    So you are saying that when an internal client (like the computer you type at) tries to go to "hotmail.com" it is redirected to "hotmail.com:3128". Is this what you want?
    I think you've misunderstood the REDIRECT target, wassy. It redirects the port _and_ destination address. It's just that the address is changed to that of the interface that the packet came in through, so in that way it should work.

    Download ethereal (if it's not already installed) and check some test traffic to see what's wrong. Also, how doesn't it work? Does it have no effect at all (like the client fetching the content directly from hotmail.com) or does the client fail to connect?
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules