2009/12/16 Imam Cartealy <[email protected]>: > salam > > bisa post hasil iptables -L sama iptables -t nat -L. kali aja aja yang > kelupaan...:) > > > wassalam > > ic > > "mbah Darmo" wrote: >> 2009/12/15 Amiruddin Utina <[email protected]>: >>> 2009/12/15 "mbah Darmo" <[email protected]>: >>>> Dear Rekans, >>>> newbie neh...beberapa waktu yang lalu saya diajarin oleh rekan tentang >>>> squid+iptables sebagai transparent proxy, saat ini sudah jalan...tapi >>>> baru http saja yang bisa...trus sekarang kesulitan redirect yang >>>> https(port 443).sementara bisa digunakan kalo pada setiap browser >>>> proxy nya dimasukin manual...nah penginnnya sih gak perlu masukin >>>> manual satu2 di client. >>>> kata rekan2 sih saya harus masukin rule di iptables nya... >>>> sudah saya coba masukin: >>>> iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports >>>> 3128 >>>> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT >>>> --to-ports 3128 >>>> >>>> tapi masih belum mau...mohon koreksi dan pencerahan dari rekan2 semua... >>>> Thanks, >>>> Salam >>>> >>>> -- >>>> FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab >>>> Unsubscribe: kirim email ke [email protected] >>>> Arsip dan info milis selengkapnya di http://linux.or.id/milis >>>> >>>> >>> mungkin setting squidnya belum di transparant >>> >>> -- >>> ./Amiruddin Utina ++ >>> >>> -- >>> FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab >>> Unsubscribe: kirim email ke [email protected] >>> Arsip dan info milis selengkapnya di http://linux.or.id/milis >>> >>> >> >> untuk port http sudah bisa transparent, tetapi untuk https belum bisa >> pak, Thanks, >> salam, >> > > -- > Imam Cartealy > Linux registered user #481374 > > Surat elektronik ini bersifat rahasia dan bisa berisikan informasi yang > bersifat > pribadi. Anda tidak diperkenankan untuk menggandakan, menggunakan ataupun > mengungkapkan surat elektronik ini dalam bentuk apapun kepada siapapun. > Penggunaan ataupun penyebaran surat elektronik ini dalam bentuk apapun kepada > pihak lain adalah diluar tanggung jawab penulis. > > Surat elektronik ini termasuk tambahan yang diikutkan dalam surat elektronik > ini > ditujukan hanya untuk penerima. Jika Anda bukan orang yang dimaksudkan oleh > penulis sebagai penerima surat elektronik ini, Anda tidak diperbolehkan untuk > mengambil tindakan apapun terhadap surat elektronik ini dan menunjukkannya > kepada siapapun. Jika Anda menerima surat elektronik ini karena kesalahan, > mohon > beritahukan penulis dan segera menghapusnya. > > -- > FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab > Unsubscribe: kirim email ke [email protected] > Arsip dan info milis selengkapnya di http://linux.or.id/milis > > Dear Pak Imam, Berikut saya kirim hasilnya...thanks server:~ # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination
Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:https server:~ # iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:hosts2-ns r edir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:beacon-port redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128 REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 3128 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 SNAT all -- 192.168.1.0/24 anywhere to:125.163.182.189 Chain OUTPUT (policy ACCEPT) target prot opt source destination server:~ # -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [email protected] Arsip dan info milis selengkapnya di http://linux.or.id/milis
