On 01/25/2011 10:06 AM, Pieter De Wit wrote:
> Hi Ben,
>
> On 26/01/2011 06:55, Ben Greear wrote:
>> On 01/25/2011 09:48 AM, Pieter De Wit wrote:
>>> Hi Ben,
>>>
>>> There sure is :)
>>>
>>> Change the IP Tables rule at the bottom to something like this:
>>>
>>> /sbin/iptables -t nat -A PREROUTING -i br0 -p tcp -s 192.168.0.0/24
>>> --dport 80 -j REDIRECT --to-port 3128
>>>
>>> Replace the 192.168 with your network. Keep in mind that you can have
>>> multiples of these :)
>>>
>>> In a nutshell, IP Tables was making each request (even from the outside
>>> world) go via Squid.
>>
>> Do you happen to know if it can be done based on incoming (real) port
>> so we don't have to care about IP addresses?
>>
> You can, but that is not guaranteed, since the source port should be
> assigned at random by the OS. Keep in mind that this will be
> Chrome/IE/Firefox/<insert browser here> that makes the connection.
> Having re-read your suggestion, are you not referring to the ethernet
> port ?
I mean ethernet port/interface, something like '-i br0 --original-input-dev eth0'
If nothing comes to mind immediately, don't worry..I'll go read man pages :)
Thanks,
Ben
-- Ben Greear <greearb_at_candelatech.com> Candela Technologies Inc http://www.candelatech.comReceived on Tue Jan 25 2011 - 18:37:00 MST
This archive was generated by hypermail 2.2.0 : Wed Jan 26 2011 - 12:00:03 MST