2009/10/7 Will Metcalf <[email protected]>: > iptables should work fine for this, I'm doing exactly what you are > tying to accomplish in multiple places. > > try these rules... where eth0 should be replaced with the interface > that your port 80 traffic comes in on.. > > #redirect web traffic to proxy > iptables -t nat -A PREROUTING -m physdev --physdev-in eth0 -p tcp > --dport 80 -j REDIRECT --to-port 3128 > > #accept the redirected traffic > iptables -A INPUT -p tcp --dport 3128 -j ACCEPT > iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT > > #allow all other traffic to move across the bridge > iptables -A FORWARD -j ACCEPT >
OK, I'm building the physdev kernel module and will give it a try. Robin _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
