[tproxy] TPROXY + Cisco Firewall

Laszlo Attila Toth panther at balabit.hu
Mon Aug 13 10:13:15 CEST 2007

On Sunday 12 August 2007 00.28.07 Jojy Varghese wrote:
> Hi all
> 3.
> I have verified my changes by creating a REDIRECTION rule in the tproxy
> chain (can list my iptable changes by doing "iptables -t tproxy -L")


For instance a client try to connect to a webserver somewhere on the Internet 
listening on port 80, and your proxy is listening on port 50080. The iptables 
rule that redirects packets to that port is the following:

	iptables -t tproxy -p tcp --dport 80 -j TPROXY --on-port 50080

The next one is to allow incomming traffic on that port. Because the TPROXY 
target marks the packet, the following rule accepts these packets:

	iptables -t filter -A INPUT -m tproxy -j ACCEPT

A tutorial is available here:

	Laszlo Attila Toth

More information about the tproxy mailing list