[opensuse-security] IPTables for transparent proxy
Hi All, I have a SuSE 11.0 box acting as a DANSGuardian, SQUID, Firewall and router. There are two interfaces, eth0 is inside with 10.0.0.1/8 and the outside is 24.x.x.x on a cable modem. I have setup NAT and MASQ and it works great. I've setup Dans and SQUID, and if I setup an inside client with proxi to either 10.0.0:1:8080 (Dans) or 10.0.0.1:3128 (Squid) it works great. I'm looking for the way to tell SuSEfirewall to invisibly redirect any trafix from the inside interface to 127.0.0.1:8080 to invisibly check and proxy that trafic. FW_REDIRECT=10.0.0.1/8,0/0,tcp,80,8080would seem to be the answer, but if does not work, and if I do iptables-save it should the a new rule is added to the OUTSIDE interface that marks and logs that trafic, but redirects nothing. It seems to me I used to do this with packet mangling in the prerouting table... What am I missing? DANSGUARDIAN and Squid are the lasest versions Thanks -- Gary Baribault Courriel: gary@baribault.net GPG Key: 0x4346F013 GPG Fingerprint: BCE8 2E6B EB39 9B23 6904 1DF4 C4E6 2CF7 4346 F013 --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org
participants (1)
-
Gary Baribault