Re: [squid-users] IP Address routing through IP Tables

I am unable to connect. Would appreciate if you guide me here. Thank you in advance. Sarfraz ----- Original Message ----- From: Eliezer Croitoru <eliezer_at_ngtech.co.il> To: "squid-users_at_squid-cache.org" <squid-users_at_squid-cache.org> Cc: ***some text missing*** <shozii1_at_yahoo.com> Sent: Monday, March 17, 2014 7:40 PM Subject: Re: [squid-users] IP Address routing through IP Tables I'm at the IRC channel of the project at chat.freenode.net #squid. I seems to me like it will be better there... There are web clients for freenode. Eliezer On 17/03/2014 16:36, ***some text missing*** wrote: > Rule # 1 require.. > My client IP address is 10.25.40.121 and want to access IP directly 115.186.92.227 on port 21 bypass squid. > > Rule # 2 require.. > My client IP address is 10.25.40.121 need to by pass squid for direct internet access. > > ************Below is my IP Tables*************** > > -A FORWARD -j RH-Firewall-1-INPUT > -A RH-Firewall-1-INPUT -i lo -j ACCEPT > #-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.1.12.250 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.25.23.103 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.1.40.25 -p ICMP --icmp-type any > -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.1.40.11 -p ICMP --icmp-type any > -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.25.40.121 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.1.42.63 -p ICMP --icmp-type any > -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.1.82.0/24 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.25.88.0/24 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.0.101.50 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.0.101.51 -p ICMP --icmp-type any > -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.0.101.52 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.0.101.53 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -s 10.0.101.55 -p ICMP --icmp-type > any -j ACCEPT > -A RH-Firewall-1-INPUT -p ICMP --icmp-type any -j DROP > #-A RH-Firewall-1-INPUT -p 50 -j ACCEPT > #-A RH-Firewall-1-INPUT -p 51 -j ACCEPT > -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j > ACCEPT > -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT > -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED > -j ACCEPT > #-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp > --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.1.12.250 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.1.40.25 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.25.40.31 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.1.40.11 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.1.42.63 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.1.42.55 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.25.40.121 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s > 10.25.88.0/24 --dport 22 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp > --dport 22 -j DROP > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp > --dport 80 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp > --dport 8080 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp > --dport 8080 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp > --dport 161 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp > --dport 161 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp > --dport 162 -j ACCEPT > -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp > --dport 162 -j ACCEPT > > -A INPUT -p tcp --sport 21 -m state --state ESTABLISHED -j > ACCEPT > -A INPUT -p tcp --sport 20 -m state --state > ESTABLISHED,RELATED -j ACCEPT > -A INPUT -p tcp --sport 1024: --dport 1024: -m state --state > ESTABLISHED -j ACCEPT > -A OUTPUT -p tcp --dport 21 -m state --state NEW,ESTABLISHED > -j ACCEPT > -A OUTPUT -p tcp --dport 20 -m state --state ESTABLISHED -j > ACCEPT > -A OUTPUT -p tcp --sport 1024: --dport 1024: -m state > --state ESTABLISHED,RELATED,NEW -j ACCEPT > > -A RH-Firewall-1-INPUT -j REJECT --reject-with > icmp-host-prohibited > COMMIT > > > Regards, > Sarfraz > > > > ----- Original Message ----- > From: Eliezer Croitoru<eliezer_at_ngtech.co.il> > To:"squid-users_at_squid-cache.org"  <squid-users_at_squid-cache.org> > Cc:shozii1_at_yahoo.com > Sent: Monday, March 17, 2014 7:22 PM > Subject: Re: [squid-users] IP Address routing through IP Tables > > You can add a rule to the iptables with "-j ACCEPT" at the begining of > the mangle table and it will forward this IP address with no interception.. > If you have iptables rules and IP I can write to you some rule. > > Eliezer > > > On 17/03/2014 16:17, ***some text missing*** wrote: >> >Thank you for your reply. >> > >> >Please guide me with IP Tables rule. Thank you in advance. >> > >> >Regards, >> >Sarfraz
Received on Mon Mar 17 2014 - 15:03:12 MDT