as the name itself says, "redirect" - redirect packets to the destination
address/host just like the transparent proxy u mentioned, packets from ur
network destined for http is redirected to the http proxy. users won't know
what's the address of the proxy that ur using.
dnat is used when u want to publish something from ur internal network to
the public. u can use dnat to translate a single port or even all ports. it
will depend on ur requirement.
On Fri, Feb 22, 2008 at 5:04 PM, Martin Acupanda <[EMAIL PROTECTED]>
wrote:
> Sir Van! :)
>
> You are correct. I'd like to capture all http ("web") traffic.
>
> Additionally, I saw this from a script for transparent proxy.
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
>
> What is the difference (or similarity if any) between "-j REDIRECT"
> above and "-j DNAT" in my earlier post?
>
>
> On Fri, Feb 22, 2008 at 4:41 PM, Anthony Van Quintero
> <[EMAIL PROTECTED]> wrote:
> >
> > what do you mean by capturing all web traffic? i think this will only
> direct
> > all HTTP traffics from your network to the destination IP address you
> > specified.
> >
> >
> >
> >
> > On 2/22/08, Martin Acupanda <[EMAIL PROTECTED]> wrote:
> > >
> > >
> > >
> > > I'd like to do this experiment. I'd like to capture *all web traffic*
> > > and direct it all to my web server.
> > >
> > > This is my network.
> > > my home LAN/WIFI Network(subnet#1) ----> ordinary router/AccessPoint
> > > -----> my web server(subnet#2) w/ IP based virtual hosting
> > >
> > > And I found this in the internet :)
> > > iptables -t nat -A PREROUTING -i eth0 --dport 80 -j DNAT
> > > --to-destination <ip-address of virtual host>:80
> > >
> > > If I place this rule in "my web server", will this work? Or do I need
> > > to google some more.
> > >
> > > --
> > >
> > > Regards,
> > >
> > > Martin Acupanda
> > > _________________________________________________
> > > Philippine Linux Users' Group (PLUG) Mailing List
> > > [email protected] (#PLUG @ irc.free.net.ph)
> > > Read the Guidelines: http://linux.org.ph/lists
> > > Searchable Archives: http://archives.free.net.ph
> > >
> >
> >
> >
> > --
> > "And a rock feels no pain,
> > and an island never cries"
> > _________________________________________________
> > Philippine Linux Users' Group (PLUG) Mailing List
> > [email protected] (#PLUG @ irc.free.net.ph)
> > Read the Guidelines: http://linux.org.ph/lists
> > Searchable Archives: http://archives.free.net.ph
> >
>
>
>
> --
>
> Regards,
>
> Martin Acupanda
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> [email protected] (#PLUG @ irc.free.net.ph)
> Read the Guidelines: http://linux.org.ph/lists
> Searchable Archives: http://archives.free.net.ph
>
--
"And a rock feels no pain,
and an island never cries"
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
