From ArchWiki
Revision as of 01:35, 21 April 2010 by Thestinger (talk | contribs) (moved squid related talk from NAT firewall howto to here)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

iptables rules

I'm not sure if these also apply when using shorewall. This is based on the following assumptions:

  • iptables server is the gateway server
  • squid is listening on port 3128
  • local network is connecting to the server is and already has basic nat rules set up
  • iptables server is

It took me a while to realise that in addition to redirecting the traffic, the squid port needed to be opened before it would work:

echo " # open access to proxy - squid - port 3128"
$IPTABLES -A open -p tcp --syn --dport 3128 -j ACCEPT

echo " # Transparently forward http traffic to Squid"
$IPTABLES -t nat -A PREROUTING -i eth0 ! -d -p tcp --dport 80 -j REDIRECT --to-port 3128