Thursday, August 28, 2008

Another sweet iptables rule

This one will force your users through your Squid proxy server, even if their browsers are configured to access the net directly:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128

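Assuming that your Squid proxy is configured to use port 3128, apply the above rule on your iptables firewall. REDIRECT delivers the packets to the firewall machine itself, so Squid has to run there and be set up to accept intercepted traffic (the transparent or intercept option on its http_port line).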

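Or, if your Squid proxy is on a different server, say 192.168.1.10, use DNAT instead. REDIRECT cannot send traffic to another host, and adding -d to it only narrows which packets the rule matches:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.10:3128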

If you need to insert the rule at line number 5 of an existing chain, then:
iptables -t nat -I PREROUTING 5 -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128


Any of these will forward all standard port 80 HTTP traffic to your Squid proxy server on port 3128 ... sweet.
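
The position of the rule in PREROUTING matters, because an earlier terminating rule that matches the same traffic wins. The following is an added example, not part of the original post: it audits the text output of iptables-save -t nat and reports whether port 80 traffic on the interface really reaches the proxy port. The function name, the verdict strings and the sample rule sets are constructed for illustration, and a jump to a user-defined chain is reported as BYPASS so that it gets a manual look.

```shell
# Added example: audit `iptables-save -t nat` text (stdin) for HTTP interception.
# usage: check_http_intercept <inbound-interface> <proxy-port>
# Prints OK / BYPASS / MISSING for the first PREROUTING rule that matches all
# tcp/80 traffic on the interface; rules narrowed by -s, -d, "!" or an extra
# match module are listed as partial and do not decide the verdict.
check_http_intercept() {
    awk -v ifc="$1" -v port="$2" '
    $1 != "-A" || $2 != "PREROUTING" { next }
    {
        n++
        inif = proto = dport = target = to = ""; narrowed = 0
        for (i = 3; i <= NF; i++) {
            if      ($i == "-i")      inif   = $(i + 1)
            else if ($i == "-p")      proto  = $(i + 1)
            else if ($i == "--dport") dport  = $(i + 1)
            else if ($i == "-j")      target = $(i + 1)
            else if ($i == "--to-ports" || $i == "--to-destination") to = $(i + 1)
            else if ($i == "!" || $i == "-s" || $i == "-d") narrowed = 1
            else if ($i == "-m" && $(i + 1) != "tcp") narrowed = 1
        }
        # Rules for another interface, protocol or port never see this traffic.
        if (inif != "" && inif != ifc) next
        if (proto != "" && proto != "tcp") next
        if (dport != "" && dport != "80") next
        if (target == "" || target == "LOG") next   # non-terminating, keep going
        if (narrowed) { partial = partial " " n; next }
        if ((target == "REDIRECT" && to == port) || (target == "DNAT" && to ~ (":" port "$")))
            verdict = "OK rule " n
        else
            verdict = "BYPASS rule " n " (" target ")"
        exit
    }
    END {
        if (verdict == "") verdict = "MISSING"
        if (partial != "") verdict = verdict " partial:" partial
        print verdict
        exit (verdict ~ /^OK/ ? 0 : 1)
    }'
}

# Constructed sample rule sets (not taken from a real host).
SAMPLE_OK='-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128'
SAMPLE_BAD='-A PREROUTING -d 192.168.1.10/32 -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth0 -p tcp -j ACCEPT
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128'

printf '%s\n' "$SAMPLE_OK"  | check_http_intercept eth0 3128 || true
printf '%s\n' "$SAMPLE_BAD" | check_http_intercept eth0 3128 || true
```

On a live firewall, feed it the real rule set as root: iptables-save -t nat | check_http_intercept eth0 3128.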
