[squid-users] Re: Is there a way to bypass squid for any destination ip address ?

From: Adam Aube <aaube01@dont-contact.us>
Date: Fri, 18 Feb 2005 20:25:23 -0500

Please don't ask a new question by replying to another post - instead, post
a new message to the list.

Nont Banditwong wrote:

> My transparency squid box redirect packet which has destination port 80 to
> 3128 by this iptable command
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
> but I don't want clients access some destination ip address through squid,
> Is there a way to bypass squid by add some iptables command ?

(This question really belongs on an iptables list.)

Before the REDIRECT line above, add iptables rules similar to this:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -d a.b.c.d -j ACCEPT

where "a.b.c.d" is the IP address of the server to bypass Squid for. Also,
be sure to allow port 80 traffic in your FORWARD chain.

Received on Fri Feb 18 2005 - 18:25:49 MST

This archive was generated by hypermail pre-2.1.9 : Tue Mar 01 2005 - 12:00:02 MST