On 9/11/05, Saju A P <[EMAIL PROTECTED]> wrote: > iptables -A INPUT -i eth1 -m state --state NEW -p tcp --dport 80 -j ACCEPT > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT > --to-port 3128
Is there any reason why access to the apache running on your machine should be through squid? If there isn't, you can rewrite the second rule like so: iptables -t nat -A PREROUTING -i eth1 -p tcp --destination ! ip.addr.or.eth1 --dport 80 -j REDIRECT --to-port 3128 Replace ip.addr.of.eth1 as appropriate. You are basically saying that all accesses to port 80 other than to the machine itself will be rerouted through squid. Thaths -- "This is everybody's fault but mine!" -- Homer J. Simpson ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ linux-india-help mailing list linux-india-help@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-india-help
