This one will force your users through your Squid proxy server, even if your users are configured to access the net directly
iptables -t nat - A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
assuming that your squid proxy is configured to use port 3128 the above rule on your iptables firewall.
or if your squid proxy server is on a different server say 192.168.1.10 then
iptables -t nat - A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT -d 192.168.1.10 --to-ports 3128
if you need to insert the rule at line number 5 of an existing chain then
iptables -t nat - I PREROUTING 5 -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128
will forward all standard port 80 http traffic to your Squid Proxy server on port 3128 .......sweet
No comments:
Post a Comment