[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] Help with iptables



I'm having some problems with our iptables on our K12LTSP EL5 box. What I'd like to do is force all traffic through our proxy EXCEPT local 192.168 & DMZ 172.16 traffic.

I've copied the notes on the Wiki and that works except the local / DMZ traffic still goes via the proxy. I've added .portsmouth-college.ac.uk to the proxy bypass but this causes the machines to be stopped going to local addresses. I think it's the NAT section that is the problem.

Any ideas ??

Thanks
Brian

This is the dump of iptables I have

# Generated by iptables-save v1.3.5 on Tue Dec  9 15:16:57 2008
*mangle
:PREROUTING ACCEPT [375588828:72798580212]
:INPUT ACCEPT [375588263:72798529543]
:FORWARD ACCEPT [288:17280]
:OUTPUT ACCEPT [599782127:692898036982]
:POSTROUTING ACCEPT [599782441:692898067655]
COMMIT
# Completed on Tue Dec  9 15:16:57 2008
# Generated by iptables-save v1.3.5 on Tue Dec  9 15:16:57 2008
*filter
:INPUT ACCEPT [375588263:72798529543]
:FORWARD ACCEPT [288:17280]
:OUTPUT ACCEPT [599782046:692898029854]
COMMIT
# Completed on Tue Dec  9 15:16:57 2008
# Generated by iptables-save v1.3.5 on Tue Dec  9 15:16:57 2008
*nat
:PREROUTING ACCEPT [3638527:670011055]
:POSTROUTING ACCEPT [2458078:165610024]
:OUTPUT ACCEPT [2454988:165424624]
-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.80:8080
-A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.80:8080
COMMIT
# Completed on Tue Dec  9 15:16:57 2008


------------------------------------------------------------------------------------------------
   The views expressed here are my own and not necessarily

the views of Portsmouth College
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]