Ken Foskey wrote: > On Sun, 2004-05-02 at 17:08, Ken Foskey wrote: > > >>>And.... How do I block port 80 on eth1 using ipmasq (ipchains) under >>>debian. >> >>All I need to do now is figure out how to ensure the proxy is used. > > > Turns out that I am using iptables (K 2.4.26) I think this command > should do the drop that I want. > > iptables -A INPUT -j DROP -p tcp -d 0/0 --destination-port www > > Is this right, will is stop squid going out? > Where do I put this in the startup to make it work? >
Instead of blocking port 80, you could also consider redirecting it to the port used by squid. Something like: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 This works for me (transparent proxying) under SuSE. -- Found in Sydney, Keith -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
