On Sunday 12 August 2007 00.28.07 Jojy Varghese wrote:
Hi all 3. I have verified my changes by creating a REDIRECTION rule in the tproxy chain (can list my iptable changes by doing "iptables -t tproxy -L")
Hello, For instance a client try to connect to a webserver somewhere on the Internet listening on port 80, and your proxy is listening on port 50080. The iptables rule that redirects packets to that port is the following: iptables -t tproxy -p tcp --dport 80 -j TPROXY --on-port 50080 The next one is to allow incomming traffic on that port. Because the TPROXY target marks the packet, the following rule accepts these packets: iptables -t filter -A INPUT -m tproxy -j ACCEPT A tutorial is available here: http://www.balabit.hu/network-security/zorp-gateway/gpl/tutorial/ -- Regards, Laszlo Attila Toth