tis 2007-05-22 klockan 08:25 +0800 skrev Adrian Chadd:
> > note: ip forwarding isn't actually needed, but might be useful if you
> > want to have iptables rules for bypassing the proxy..
>
> really? I could've sworn it didn't work without it. I know it doesn't work
> under FreeBSD.
Yes. really. In Linux you only need to enable ip forwarding if you
really want to forward packets as a router, not to only intercept them
and deliver locally. This due to iptables/netfilter NAT executing pretty
much outside the TCP/IP stack, and as result the Linux TCP/IP stack only
sees packets with the hosts own IP as destination.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT