Hi,
My setup is such that from home, I connect to a remote OpenVPN host
which is running iptables.
That machine then redirects all traffic with rules like this:
  iptables -t nat -A PREROUTING -i tun0 -s ! 10.17.0.3 -p tcp --dport 80 -j DNAT --to 10.17.0.3:3128
  iptables -t nat -A POSTROUTING -o tun0 -s 10.111.111.0/24 -d 10.17.0.3 -j SNAT --to 10.111.111.1
Where 10.111.111.0/24 is my VPN, and 10.17.0.3 is my squid server.
The problem with this scenario is that all requests appear to come
from 10.17.0.2, the OpenVPN server, which defeats our purpose of
putting this proxy in place: to catch a slacker who is wasting
company time.
Thoughts? Any way we can use iptables better for this redirection?
Thanks
--
If my reply seems terse or short, it's nothing personal.
Jeff MacDonald
jeff_at_bignose.ca

Received on Tue Sep 27 2011 - 18:37:59 MDT