Okay, perhaps we are misunderstanding each other. What I described has worked for me for the last 230 days, so you must be talking about something else. I have a transparent bridging firewall, which is also running Squid. It grabs all outgoing port 80 packets and redirects them to port 8080 on the local machine, which is running Squid. Packets make their way back to the client machine just fine from the Squid server, and packets make their way from the Squid server out to remote web servers just fine as well. So either you are trying to do something different than that, or you are wrong in your analysis of my rules.
Thanks,
Jason

On Wed, Oct 16, 2002 at 02:39:26PM +0400, Alex Torkhov wrote:
> No, I said that you cannot do this:
>
> > $IPTABLES -t nat -A PREROUTING -i eth0 -s ! $PROXYMACHINE -d ! $LOCALNET -p tcp --dport 80 -j DNAT --to $PROXYMACHINE:8080
>
> because no bridging packets will go to table nat. They will go to table filter,
> chain $BRIDGEIF
>
> Alex.

-- 
_________________________________________________________________
Jason R. Martin | Network Administrator | Coordinated Science Lab

_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge
