[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [NETVAERK] Iptables og hvordan man kommer udenom prerouting



Bent Bagger wrote:
Brian Møller wrote:

Det er et spørgsmål om at de source adresser jeg definerer ikke bliver
redirected fra port 80 til 3128. Det er hele subnet's der som regel er tale
om. f.eks. 10.30.95.0/16 eller lign.

Har du prøvet at tilføje '-s ! 10.30.95.0/16' til din firewall-regel? Bemærk udråbstegnet, der er negation.



Jeg ville foretrække at sætte en accept-linje ind for de hosts eller net som skal undgå proxyfilteret - men det er bare en anden måde at opnå det samme.


Noget i stil med:
iptables -A PREROUTING -s 1.2.3.4 -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A PREROUTING -s 2.3.4.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128

Mvh
Kenneth


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2007-04-01, 02:01 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *