Re: [squid-users] Question on transparent proxy with web server behind proxy.

From: Pieter De Wit <pieter_at_insync.za.net>
Date: Tue, 25 Jan 2011 13:14:33 -0600 (CST)

Hi Ben,

I suspect that will do the trick :)

Let us know

Cheers,

Pieter

On Tue, 25 Jan 2011, Ben Greear wrote:

> On 01/25/2011 10:36 AM, Ben Greear wrote:
>> On 01/25/2011 10:06 AM, Pieter De Wit wrote:
>>> Hi Ben,
>>>
>>> On 26/01/2011 06:55, Ben Greear wrote:
>>>> On 01/25/2011 09:48 AM, Pieter De Wit wrote:
>>>>> Hi Ben,
>>>>>
>>>>> There sure is :)
>>>>>
>>>>> Change the IP Tables rule at the bottom to something like this:
>>>>>
>>>>> /sbin/iptables -t nat -A PREROUTING -i br0 -p tcp -s 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 3128
>>>>>
>>>>> Replace the 192.168 with your network. Keep in mind that you can have
>>>>> multiples of these :)
>>>>>
>>>>> In a nutshell, IP Tables was making each request (even from the outside
>>>>> world) go via Squid.
>>>>
>>>> Do you happen to know if it can be done based on incoming (real) port
>>>> so we don't have to care about IP addresses?
>>>>
>>> You can, but that is not guaranteed, since the source port should be
>>> assigned at random by the OS. Keep in mind that this will be
>>> Chrome/IE/Firefox/<insert browser here> that makes the connection.
>>> Having re-read your suggestion, are you not referring to the ethernet
>>> port ?
>>
>> I mean ethernet port/interface, something like '-i br0
>> --original-input-dev eth0'
>>
>> If nothing comes to mind immediately, don't worry..I'll go read man
>> pages :)
>
> Looks like '--physdev-in eth0'
> might do the trick..we'll do some testing.
>
> Thanks,
> Ben
>
>>
>> Thanks,
>> Ben
>>
>>
>
>
> --
> Ben Greear <greearb_at_candelatech.com>
> Candela Technologies Inc http://www.candelatech.com
>
>
Received on Tue Jan 25 2011 - 19:16:56 MST
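
Added example (not part of the original thread): a dry-run shell script that prints the scoped interception rules discussed above, one per client subnet or per bridge member port, and refuses inputs that would recreate the catch-all rule. The subnet 10.10.0.0/16, the function names and the choice of eth0 as the LAN-side bridge port are assumptions; the `--physdev-in` form follows the untested suggestion in the thread and needs the `-m physdev` match loaded.

```shell
#!/bin/sh
# Added example: print scoped Squid interception rules (dry run only).
# Constructed assumptions: bridge br0, Squid on 3128, eth0 is the LAN-side port.
BRIDGE=${BRIDGE:-br0}
SQUID_PORT=${SQUID_PORT:-3128}

# Shape-check an IPv4 CIDR and reject /0, which would match every client again.
valid_cidr() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
    [ "${1#*/}" -ne 0 ]
}

# One REDIRECT rule per client subnet (the "-s" approach from the thread).
rule_by_source() {
    valid_cidr "$1" || { echo "refusing bad subnet: $1" >&2; return 1; }
    echo "iptables -t nat -A PREROUTING -i $BRIDGE -p tcp -s $1 --dport 80 -j REDIRECT --to-port $SQUID_PORT"
}

# Match the bridge member port a frame arrived on instead of its address.
# --physdev-in is an option of the physdev match, hence "-m physdev".
rule_by_physdev() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) echo "refusing bad interface: $1" >&2; return 1 ;;
    esac
    echo "iptables -t nat -A PREROUTING -i $BRIDGE -m physdev --physdev-in $1 -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT"
}

# Build a full ruleset; print nothing if any input is rejected, so a
# partial set of rules is never emitted.
build_rules() {
    mode=$1; shift
    out=
    for arg in "$@"; do
        line=$(rule_by_"$mode" "$arg") || return 1
        out="$out$line
"
    done
    printf '%s' "$out"
}

# Dry run: print the commands for review before anyone applies them as root.
build_rules source 192.168.0.0/24 10.10.0.0/16
build_rules physdev eth0
```

After applying the reviewed rules, `iptables -t nat -L PREROUTING -n -v` shows per-rule packet counters, which confirms that only the intended clients are being redirected to Squid.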
