[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Needed changings for new version of iptables

To: or-talk@xxxxxxxxxxxxx
Subject: Needed changings for new version of iptables
From: leandro noferini <lnoferin@xxxxxxxxxxxxxxx>
Date: Wed, 07 Jan 2009 06:32:52 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 07 Jan 2009 00:33:31 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)

Ciao a tutti,

I am using the method explained at
http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy  to have
a trasparent proxy for a specifical user on a debian/i386 unstable.

I use these rules for iptables:

iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anoymous -m tcp --syn -j REDIRECT --to-ports 9040
iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anoymous -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A OUTPUT -m owner --uid-owner anoymous -j DROP

But since some  days ago a new version of  iptables (1.4.2-2) arrived in
distribution and I am having this error message:

The "nat" table is not intended  for filtering, hence the use of DROP is
deprecated and will permanently be disabled in the next iptables release. Please adjust your scripts.

How I could change the above script for the new iptables version?

-- 
Ciao
leandro
Un esteso e "normale" uso della crittografia è il sistema più forte
per rivendicare il diritto alla privacy nelle comunicazioni
telematiche: come tutti i diritti e come i muscoli se non viene
esercitato costantemente si atrofizza e va perso.

Attachment: pgp3NNiwzktYP.pgp
Description: PGP signature

Prev by Author: Re: Here we go again...tor just stops
Next by Author: CodeCon 2009 Call for Presentations
Previous by thread: Re: UseEntryGuards=0 overwrites EntryNodes
Next by thread: tor controlport wants authentication even if authentication is switched off
Index(es):
- Author
- Thread