I managed to get this to work quite well (and I'll write up some docs in the
near future), but I did need to give the bridge device (br0 in my case) an
IP address in order to use DNAT. I would suggest that instead of using
REDIRECT, you use DNAT --to <IP address>:3128, as that has worked quite
well for me.
Also, did you apply the bridging firewall patches? You need those to get
the rest of the firewalling stuff to work.
Jason, who believes a bridging firewall w/webcache is the greatest thing
ever.
On Fri, Aug 31, 2001 at 12:07:54PM +0800, Near wrote:
> Hi,
>
> I have compiled the divert in linux kernel 2.4.7 .
> I setup a linux bridge which have 2 interface: eth0 , eth1.
> I use
> divert on eth1 enable tcp add dst 80
> to divert the http packages.
> And i use
> iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port
>3128
> to redirect it.
>
> But it seems that the netfilter can not work . And the tranfic of http package seems
>very slowly.
>
> Any suggestions?
>
>
> Regards Near
> _______________________________________________
> Bridge mailing list
> [EMAIL PROTECTED]
> http://www.math.leidenuniv.nl/mailman/listinfo/bridge
--
_______________________________________________
Jason R. Martin [EMAIL PROTECTED]
CSL Technical Services 217-333-7205
Coordinated Science Lab, University of Illinois
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
