43 lines
1.9 KiB
HTML
43 lines
1.9 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
|
|
<TITLE>Transparent Proxy with Linux and Squid mini-HOWTO: Setting up iptables (Netfilter)</TITLE>
|
|
<LINK HREF="TransparentProxy-6.html" REL=next>
|
|
<LINK HREF="TransparentProxy-4.html" REL=previous>
|
|
<LINK HREF="TransparentProxy.html#toc5" REL=contents>
|
|
</HEAD>
|
|
<BODY>
|
|
<A HREF="TransparentProxy-6.html">Next</A>
|
|
<A HREF="TransparentProxy-4.html">Previous</A>
|
|
<A HREF="TransparentProxy.html#toc5">Contents</A>
|
|
<HR>
|
|
<H2><A NAME="s5">5. Setting up iptables (Netfilter)</A></H2>
|
|
|
|
<P>iptables is a new thing for Linux kernel 2.4 that replaces ipchains.
|
|
If your distribution came with a 2.4 kernel, it probably has iptables
|
|
already installed. If not, you'll have to download it (and possibly
|
|
compile it). The homepage is
|
|
<A HREF="http://netfilter.samba.org/">netfilter.samba.org</A>.
|
|
You make be able to find binary RPMs elsewhere, I haven't looked. For the
|
|
curious, there is plenty of documentation on the netfilter site.
|
|
<P>To set up the rules, you will need to know two things, the interface that
|
|
the to-be-proxied requests are coming in on (I'll use eth0 as an example)
|
|
and the port squid is running on (I'll use the default of 3128 as an example).
|
|
<P>Now, the magic words for transparent proxying:
|
|
<P>
|
|
<UL>
|
|
<LI>iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128</LI>
|
|
</UL>
|
|
<P>You will want to add the above commands to your appropriate bootup script
|
|
under /etc/rc.d/. Readers upgrading from 2.2 kernels should note that
|
|
this is the only command needed. 2.2 kernels required two extra commands
|
|
in order to prevent forwarding loops. The infastructure of netfilter is
|
|
much nicer, and only this command is needed.
|
|
<HR>
|
|
<A HREF="TransparentProxy-6.html">Next</A>
|
|
<A HREF="TransparentProxy-4.html">Previous</A>
|
|
<A HREF="TransparentProxy.html#toc5">Contents</A>
|
|
</BODY>
|
|
</HTML>
|