[K12OSN] transparent proxying with LTSP--SOLVED
Ben Nickell
twinprism at athena.physics.isu.edu
Mon Feb 27 21:44:58 UTC 2006
<snip and rearrange>
> iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
> 192.168.1.1:3128
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-
> destination 192.168.1.1:3128
Burke Almquist wrote:
> These lines even take care of access directly from the LTSP server,
> it's a slightly simpler setup with a separate machine, but this works.
>
Just to clarify:
My understanding is that the magic iptables transparent proxy lines will
only work if the filter is on another computer, that is, you can't have
the filter and the LTSP server on the same computer without some serious
iptables voodoo. The reason for this is that the rule would also block
your filter (squidguard, dansguardian) from fetching pages from the
internet.
The LTSP box can be directly connected to the Internet, but the filter
can't be on the same computer for a transparent proxy setup.
Is this correct?
Thanks,
Ben
Ben
More information about the K12OSN
mailing list