On Friday 25 February 2005 1:38 am, Ronny wrote:
> Jesse Guardiani wrote:
>
> >Henrik Nordstrom wrote:
> >
> >
> >
> >>On Thu, 24 Feb 2005, Jesse Guardiani wrote:
> >>
> >>
> >>
> >>>I don't think it is anymore. It seems like the packets are just
> >>>disappearing after they hit my iptables rule. I tried placing OUTPUT and
> >>>POSTROUTING LOG rules around the NAT table, and their hit counters
> >>>increment if I hit the cache directly from a web browser, but if I hit it
> >>>transparently the packet just disappears after the REDIRECT to port
> >>>3128.
> >>>
> >>>
> >>Try using DNAT instead of REDIRECT.
> >>
> >>
> >
> >I thought you might say that, so I tried it with DNAT earlier in the day.
> >I tried destination addresses 192.168.10.2 (my ip alias on eth0:22) and
> >192.168.1.2 (my "real" eth0 ip). Neither worked. Here's an example of the
> >latter:
> >
> ># iptables -t nat -L -v
> >Chain PREROUTING (policy ACCEPT 425 packets, 61769 bytes)
> > pkts bytes target prot opt in out source destination
> > 43 2580 DNAT tcp -- gre1 any anywhere anywhere tcp dpt:www to:192.168.1.2:3128
> >
> >Do you see anything wrong with the above?
> >
> If I may ask, why www dport and not http? Suggestion and question. But it's
> a firewall thing; seems http traffic is looping in the Linux, strange!
I'm not sure what you're asking/suggesting. I give it port 80, and it
calls it www because that is what is in my /etc/services file.
-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)
http://www.wingnet.net

Received on Fri Feb 25 2005 - 07:42:41 MST
This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST