[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Iptables configuration for a transparent proxy for a single user

To: or-talk@xxxxxxxxxxxxx
Subject: Iptables configuration for a transparent proxy for a single user
From: leandro noferini <lnoferin@xxxxxxxxxxxxxxx>
Date: Thu, 14 May 2009 07:15:30 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 14 May 2009 01:25:08 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.3 (gnu/linux)

Ciao a tutti,

in tor wiki at the address

http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy#head-235f10e71909d609c46847c9f91efe8ed5168004

explains the way to apply a trasparent proxy for a specific user.

The rules for iptables are 

iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --syn -j REDIRECT --to-ports 9040 
iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53 
iptables -t nat -A OUTPUT -m owner --uid-owner anonymous -j DROP

In my debian  unstable linux (kernel 2.6.29 and  iptables 1.4.3.2-2 from
package) these  rules don't  work anymore and  this is the  message from
iptables

The "nat" table is not intended for filtering, the use of DROP is therefore inhibited.

Does anyone know the changes needed tomake it work again?


-- 
Ciao
leandro
Io non voglio sapere tutto, io voglio capire tutto

Attachment: pgpaSdQN92iXB.pgp
Description: PGP signature

Follow-Ups:
- Re: Iptables configuration for a transparent proxy for a single user
  - From: John Brooks

Prev by Author: Re: Increasing Polipo Portability for GSoC 2009
Next by Author: Re: Iptables configuration for a transparent proxy for a single user
Previous by thread: Using own descriptors with TOR
Next by thread: Re: Iptables configuration for a transparent proxy for a single user
Index(es):
- Author
- Thread