Difference between revisions of "Iptables Squid Transparent"

(New page: <pre> iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 ...)
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
<pre>
 
<pre>
                iptables -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
+
# Redirect service ftp from Local.Netcafe to any.Wan options redirectport="2121"
                iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
+
/sbin/iptables -t nat -A PREROUTING -i eth2 -p tcp -m tcp --syn -s 192.168.1.0/255.255.255.0 --sport 1024:65535 -d 0.0.0.0/0.0.0.0 --dport 21 -j REDIRECT --to-ports 2121
        #C.S Online
+
/sbin/iptables -A INPUT -i eth2 -p tcp -m tcp --syn -s 192.168.1.0/255.255.255.0 --sport 1024:65535 -d 192.168.1.1/255.255.255.255 --dport 2121 -j ACCEPT
                iptables -t nat -D PREROUTING -p tcp --dport 9898 -j REDIRECT --to-port 3128
+
 
                iptables -t nat -I PREROUTING -p tcp --dport 9898 -j REDIRECT --to-port 3128
+
# Redirect service http from Local.Netcafe to any.Wan options redirectport="8888"
         #Trickter
+
/sbin/iptables -t nat -A PREROUTING -i eth2 -p tcp -m tcp --syn -s 192.168.1.0/255.255.255.0 --sport 1024:65535 -d 0.0.0.0/0.0.0.0 --dport 80:81 -j REDIRECT --to-ports 8888
                iptables -t nat -D PREROUTING -p tcp --dport 5977 -j REDIRECT --to-port 3128
+
/sbin/iptables -A INPUT -i eth2 -p tcp -m tcp --syn -s 192.168.1.0/255.255.255.0 --sport 1024:65535 -d 192.168.1.1/255.255.255.255 --dport 8888 -j ACCEPT
                iptables -t nat -I PREROUTING -p tcp --dport 5977 -j REDIRECT --to-port 3128
+
</pre>
 +
<pre>
 +
if [ -f /var/run/squid.pid ]; then
 +
         iptables -t nat -D PREROUTING -i eth1 -p tcp -m multiport --destination-port 80,5977 -j REDIRECT --to-port 3128
 +
        iptables -t nat -I PREROUTING -i eth1 -p tcp -m multiport --destination-port 80,5977 -j REDIRECT --to-port 3128
 +
fi
 
</pre>
 
</pre>
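Review bot: The REDIRECT pair added inside `if [ -f /var/run/squid.pid ]` matches every source arriving on eth1, while the eth2 rules added above it are all limited to `-s 192.168.1.0/255.255.255.0`. If eth1 is not a purely internal interface, ports 80 and 5977 from any sender are steered to the proxy on 3128; whether they are then accepted depends on an INPUT policy this page does not show. I would add a source match to both the `-D` and the `-I` line, for example `-s <LAN_SUBNET_BEHIND_ETH1>` (placeholder, the page does not give that subnet). The guard also tests only that the pid file exists, so a stale file left after a crash still installs the redirect; a comment saying which failure mode is intended (clients refused versus clients bypassing the proxy) would help the next maintainer.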

Latest revision as of 14:27, 18 September 2009

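 # Transparent-proxy NAT rules for the gateway:
#   - FTP control (port 21) from the eth2 client subnet -> local port 2121
#   - HTTP (ports 80-81) from the eth2 client subnet    -> local port 8888
#   - ports 80 and 5977 arriving on eth1                -> Squid on 3128,
#     only while /var/run/squid.pid exists
#
# Every rule is deleted before it is added, so running this script again
# does not stack duplicate copies of the same rule.

IPT=/sbin/iptables                    # one absolute path; do not depend on $PATH
LAN_NET=192.168.1.0/255.255.255.0     # client subnet matched on eth2
GW_ADDR=192.168.1.1/255.255.255.255   # gateway address the redirected SYN arrives on
ANY_ADDR=0.0.0.0/0.0.0.0

# replace_rule TABLE OP CHAIN RULE-SPEC...
# Removes every existing copy of RULE-SPEC from CHAIN in TABLE, then adds it
# once with OP (-A appends, -I inserts at the head of the chain).
# Returns the exit status of the final add.
replace_rule() {
  rr_table=$1
  rr_op=$2
  rr_chain=$3
  shift 3
  # -D fails as soon as no copy is left; that failure is the normal way out of
  # the loop, so its message is discarded. A genuine problem (not root, bad
  # rule spec) is still reported by the add below.
  while "$IPT" -t "$rr_table" -D "$rr_chain" "$@" 2>/dev/null; do
    :
  done
  "$IPT" -t "$rr_table" "$rr_op" "$rr_chain" "$@"
}

# NOTE(review): the INPUT rules below accept only the initial SYN of each
# connection. The remaining packets have to be accepted by a rule that is not
# part of this script (presumably an ESTABLISHED state match) - confirm.
#
# NOTE(review): "-d 0.0.0.0/0.0.0.0" also matches connections addressed to the
# gateway itself, so anything the gateway serves on ports 21, 80 or 81 is sent
# to the proxy ports as well. Exclude the gateway address if that is unwanted.

# Redirect service ftp from Local.Netcafe to any.Wan options redirectport="2121"
replace_rule nat -A PREROUTING -i eth2 -p tcp -m tcp --syn -s "$LAN_NET" --sport 1024:65535 -d "$ANY_ADDR" --dport 21 -j REDIRECT --to-ports 2121
replace_rule filter -A INPUT -i eth2 -p tcp -m tcp --syn -s "$LAN_NET" --sport 1024:65535 -d "$GW_ADDR" --dport 2121 -j ACCEPT

# Redirect service http from Local.Netcafe to any.Wan options redirectport="8888"
replace_rule nat -A PREROUTING -i eth2 -p tcp -m tcp --syn -s "$LAN_NET" --sport 1024:65535 -d "$ANY_ADDR" --dport 80:81 -j REDIRECT --to-ports 8888
replace_rule filter -A INPUT -i eth2 -p tcp -m tcp --syn -s "$LAN_NET" --sport 1024:65535 -d "$GW_ADDR" --dport 8888 -j ACCEPT

# Squid interception on eth1.
# NOTE(review): only the existence of the pid file is tested. A stale file
# left behind by a crash still installs the redirect (clients are then
# refused), and a missing file leaves a previously installed rule in place.
# NOTE(review): unlike the eth2 rules this one has no -s match; confirm eth1
# is an internal interface, or restrict the source subnet.
if [ -f /var/run/squid.pid ]; then
  replace_rule nat -I PREROUTING -i eth1 -p tcp -m multiport --destination-port 80,5977 -j REDIRECT --to-port 3128
fi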