--- Saju A P <[EMAIL PROTECTED]> wrote:
> iptables -A INPUT -i eth1 -m state --state NEW -p tcp --dport 80 -j > ACCEPT > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT > --to-port 3128 You are basically saying that all packets arriving on eth1 with destination port 80 will be sent to squid. Nothing wrong with that other than the fact that all requests to your apache listening on the IP of eth1 will also be captured by the REDIRECT rule and get sent to squid. You could choose not to run apache on the eth1 IP or setup a rule to ACCEPT all connections for the eth1 IP and dport 80 which will be more restrictive that the generic REDIRECT - I am not sure about this right now but it sould be easy to test on your setup. Mithun __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ linux-india-help mailing list linux-india-help@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-india-help
