Hi, I hope that you have a time to answer this email.. I'm really
confused.
I installed a Linux Box with IPTABLES and SQUID. All requests are
accepted for testing purposes.
Basically i want to lett pass packets to and from the router, but
redirecting the http requests to squid.
I check in the cachemgr.cgi and there is activiy and all the services
are working, but usually squid should show error messages when trying to
open a page that doesn't exist and other errors, but these error
messages never appear, the error messages are being showed for the dns
directly or apache and not for the squid. I started to ask me if the
squid is really working or not ... there are objects in the squid, my
computers have internet access and all seems to be ok but i'm not sure.
My rules are:
#!/bin/sh
#
echo -e "\n Loading Firewalling Rules \n"
IPTABLES=/sbin/iptables
UNIVERSE="0.0.0.0/0"
INTIF="eth1"
EXTIF="eth0"
echo " Enabling forwarding.. "
echo "1" > /proc/sys/net/ipv4/ip_forward
echo " Clearing existing rules... "
$IPTABLES -P INPUT DROP
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT DROP
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -F -t nat
$IPTABLES -X
$IPTABLES -Z
$IPTABLES -A INPUT -s $UNIVERSE -d $UNIVERSE -j ACCEPT -v
$IPTABLES -A OUTPUT -s $UNIVERSE -d $UNIVERSE -j ACCEPT -v
$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT -v
$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT -v
$IPTABLES -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT
--to-port 3128 -v
This is my iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http
redir ports 3128
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I will appreciate any help or comments,
Thanks in advance,
K Gomez
Received on Tue Jul 09 2002 - 15:49:36 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:12 MST