[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Iptables configuration for a transparent proxy for a single user



John Brooks ha scritto:

> Removing '-t nat' from the last rule should do what you need. Only the
> first two really need to be in the NAT table (because they are
> modifying the traffic, not filtering it).

[...]

> > iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --syn -j REDIRECT --to-ports 9040
> > iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
> > iptables -t nat -A OUTPUT -m owner --uid-owner anonymous -j DROP

[...]

Ok, now ipfilter does not complain but I cannot connect anymore.

:-(

I will investigate more.

-- 
Ciao
leandro
Io non voglio sapere tutto, io voglio capire tutto

Attachment: pgpFkX0BlMyNg.pgp
Description: PGP signature