Hello everyone.

At my Uni they have a standard NAT setup, with one major exception - no traffic is allowed to port 80. Instead, you have to go through their proxy server, which runs on port 8080.

I read somewhere that you can set up a transparent proxy system using iptables. However, this setup uses the REDIRECT target, which just directs traffic to a specified port on the local machine. So if you have a proxy running on port 8080, you can use a rule like this:

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080

However, I want to use an external proxy server. I checked the iptables man page and eventually came up with this:

    iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 137.222.10.108:8080

But it doesn't work. The problem is that I don't know if my rule will actually do what I want it to. I also don't know if the proxy server will handle this. In my understanding, the above rules (both of them actually) mean that the proxy server has to serve web pages as though it is a web server. I always thought that there was a special set of proxy commands. Also, the proxy server always mentioned in the howtos is squid, which perhaps has some extra functionality that allows this? I don't know what proxy the uni is running.

As an aside, why doesn't the DNAT target support DNS lookups?

If anyone can shed some light on this issue I would be grateful.

Thanks in advance
Simon

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html
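
The difference the message asks about (a browser talking to a web server versus to a proxy), as an added example that is not part of the original post: a client configured for a proxy puts the full URL in the request line, while traffic diverted by DNAT arrives in server form, so an intercepting proxy has to rebuild the URL from the Host header. The host name, the sample request and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample: what a browser sends when it believes it is talking
# directly to the web server. This is what reaches the proxy after DNAT.
DIRECT_REQUEST = (
    b"GET /index.html HTTP/1.1\r\n"
    b"Host: www.example.org\r\n"
    b"User-Agent: sample\r\n"
    b"\r\n"
)

def parse_head(raw):
    """Split a request head into (method, target, version, header list)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("malformed request line")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line")
        headers.append((name.strip(), value.strip()))
    return parts[0], parts[1], parts[2], headers

def request_form(raw):
    """'absolute' = proxy-style target (full URL); 'origin' = server-style."""
    target = parse_head(raw)[1]
    return "absolute" if urlsplit(target).scheme in ("http", "https") else "origin"

def to_proxy_form(raw):
    """Rewrite a server-style request into the form a configured proxy
    expects, recovering the destination from the Host header."""
    if request_form(raw) == "absolute":
        return raw  # already proxy-style, nothing to rebuild
    method, target, version, headers = parse_head(raw)
    hosts = [v for n, v in headers if n.lower() == "host"]
    if len(hosts) != 1 or not hosts[0]:
        # DNAT has overwritten the original destination address, so
        # without a Host header the destination cannot be recovered.
        raise ValueError("need exactly one Host header")
    body = raw.partition(b"\r\n\r\n")[2]
    head = f"{method} http://{hosts[0]}{target} {version}"
    head += "".join(f"\r\n{n}: {v}" for n, v in headers)
    return head.encode("iso-8859-1") + b"\r\n\r\n" + body
```

A proxy that is not set up for interception and receives the server-style request has only the path in the request line to go on, which is why a NAT rule by itself does not make an ordinary proxy transparent.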