[PLUG] Transparent Proxying...

Michael Robinson plug_1 at robinson-west.com
Wed Dec 2 22:44:37 UTC 2009


On Wed, 2009-12-02 at 11:37 -0800, Aaron Burt wrote:
> On Mon, Nov 30, 2009 at 10:50:09PM -0800, Michael Robinson wrote:
> > The redirect method:
> > iptables -t nat -A PREROUTING -s $local -d ! $local --dport 80 -j
> > REDIRECT --to-port 8080
> > doesn't seem to be the accepted way to proxy anymore and it doesn't
> > seem to work either.
> 
> I can't offer much without context (i.e. what's $local?), and from previous
> discussions, your network setups are often baroque.  That said, that
> doesn't look right.  You're NATing the dest port but not the dest IP, so
> I'd imagine the packet still gets routed instead of hitting the proxy.
> 
> Kernel version shouldn't matter here - it's an ordinary NAT operation.
> 
> Did you follow a current HOWTO on tranparent proxying?  Did you search the
> web before asking?  When did you last attend a PLUG meeting or clinic?
> 
> Thanks,
>   Aaron

Yes I did search the web and quite frankly most HOWTOs I hit are old or
they are for the 2.4 kernel.




More information about the PLUG mailing list