This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
To: redhat-list@listman.redhat.com From: "Roger" <roger@tradex-asia.com> Subject: Re: transparent proxy? Date: Sun Feb 16 17:49:27 2003 "Edward Dekkers" <edward@tripled.iinet.net.au> wrote: > > how can i make transparent proxy on rh linux 8 with > > iptables? i have read some documents. i made some > > changes and i saw the server is redirecting to the squid > > proxy. not the clients(although their gateways are shown > > to my server). > > any alternates? > I recall seeing a how-to for exactly that on the Linux Documentation > Project. Have a squiz there. I think the following is the simpliest way.. -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 http_port xxxx httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on === To: redhat-list@listman.redhat.com From: kaya@dinamit.gen.tr Subject: Re: transparent proxy? Date: Mon, 17 Feb 2003 16:59:10 +0200 Roger <roger@tradex-asia.com> wrote: > I think the following is the simpliest way.. > > -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 > > http_port xxxx > httpd_accel_host virtual > httpd_accel_port 80 > httpd_accel_with_proxy on > httpd_accel_uses_host_header on it says "iptables: No chain/target/match by that name" (PREROUTING) what else can i do? === To: redhat-list@listman.redhat.com From: Michael Schwendt <ms0301rh@arcor.de> Subject: Re: transparent proxy? Date: Mon, 17 Feb 2003 16:12:41 +0100 kaya@dinamit.gen.xx wrote: > Roger <roger@tradex-asia.xxx> wrote: : > > > I think the following is the simpliest way.. > > > > -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 > > > it says "iptables: No chain/target/match by that name" (PREROUTING) > what else can i do? Insert "-t nat" or "--table nat" at the beginning, right after the iptables command. === To: redhat-list@listman.redhat.com From: kaya@dinamit.gen.tr Subject: Re: transparent proxy? Date: Mon, 17 Feb 2003 17:16:15 +0200 Michael Schwendt <ms0301rh@arcor.de> wrote: > kaya@dinamit.gen.xx wrote: > > > it says "iptables: No chain/target/match by that name" (PREROUTING) > > what else can i do? > > Do you see that such a reply above a quote at the bottom does not > make any sense? Without starting at the bottom of your message, I > would not understand your comment at the top. Huh! > > > Roger <roger@tradex-asia.xxx> wrote: > > > > > I think the following is the simpliest way.. > > > > > > -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 > Insert "-t nat" or "--table nat" at the beginning, right after > the iptables command. > i did that but only the server (where squid works) goes over the proxy on port 80. not the network users. network user's gateways are showing my server. ===