It should work for you like this:
Code:
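#!/bin/bash
# Gateway firewall with a transparent redirect of LAN HTTP traffic to a local
# proxy on port 3128. IPv4 only: iptables rules do not affect ip6tables.
#
# Default-deny for traffic to the gateway and through it, then allow only
# what the LAN needs. Forwarding also requires net.ipv4.ip_forward=1, which
# this script does not set.
# Caveat: nothing else on the gateway (e.g. SSH or DNS) is reachable from the
# LAN unless a matching INPUT rule is added.

IF_EXTERNA="eth0"                # external (Internet-facing) interface
IF_INTERNA="eth1"                # internal (LAN-facing) interface
REDE_INTERNA="192.168.254.0/24"  # internal network

# Start clean: flush rules, delete user-defined chains, zero filter counters.
iptables -F
iptables -F -t nat
iptables -F -t mangle
iptables -X
iptables -X -t nat
iptables -X -t mangle
iptables -Z

# Default policies: drop inbound and forwarded traffic, allow the gateway's
# own outbound traffic.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# INPUT. With a DROP policy, replies to connections the gateway itself opened
# (for example the proxy fetching pages via $IF_EXTERNA) are let back in only
# by this rule. `-m state` is the older spelling; current iptables also
# offers `-m conntrack --ctstate` for the same match.
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
# REDIRECT rewrites the destination port in PREROUTING, so redirected HTTP
# reaches INPUT as port 3128. Accept it only from the LAN interface and LAN
# addresses, so the proxy is not reachable from the external side.
iptables -A INPUT -p TCP -i "$IF_INTERNA" -s "$REDE_INTERNA" \
  --dport 3128 -m state --state NEW -j ACCEPT

# FORWARD. Only the LAN may open connections outward; return traffic is
# matched by the ESTABLISHED,RELATED rule.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i "$IF_INTERNA" -o "$IF_EXTERNA" \
  -s "$REDE_INTERNA" -m state --state NEW -j ACCEPT

# NAT. Only TCP port 80 from the LAN is redirected to the local proxy; all
# other LAN traffic is forwarded and masqueraded on the external interface.
iptables -t nat -A PREROUTING -p TCP -i "$IF_INTERNA" \
  --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -A POSTROUTING -o "$IF_EXTERNA" -j MASQUERADE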
Quote:
Originally Posted by stomach
#!/bin/bash
# Quoted original script: gateway firewall that redirects LAN HTTP traffic to
# a local proxy on port 3128 and masquerades the LAN.
IF_EXTERNA="eth0";
IF_INTERNA="eth1";
REDE_INTERNA="192.168.254.0/24"
# Reset: flush rules, zero filter counters, delete user-defined chains.
iptables -F
iptables -Z
iptables -X
iptables -F -t nat
iptables -X -t nat
iptables -F -t mangle
iptables -X -t mangle
# NOTE(review): FORWARD policy ACCEPT forwards packets arriving on any
# interface, including $IF_EXTERNA; the FORWARD -i rule further down adds
# nothing on top of it.
iptables -P FORWARD ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# NOTE(review): INPUT has no ESTABLISHED,RELATED rule. Replies arriving on
# $IF_EXTERNA for connections the gateway itself opened are therefore dropped
# by the INPUT policy, which is consistent with the redirect working only
# when the INPUT policy is ACCEPT.
iptables -A INPUT -i lo -j ACCEPT
# Accepts everything arriving on the internal interface, regardless of source
# address, protocol or port.
iptables -A INPUT -i $IF_INTERNA -j ACCEPT
iptables -A FORWARD -i $IF_INTERNA -j ACCEPT
# Redirect TCP port 80 arriving on the internal interface to local port 3128.
iptables -t nat -A PREROUTING -i $IF_INTERNA -p tcp --dport 80 -j REDIRECT --to-port 3128
# Masquerades by source network only; no outgoing interface (-o) is given.
iptables -t nat -A POSTROUTING -s $REDE_INTERNA -j MASQUERADE
The redirect does not work.
But if the INPUT policy is ACCEPT, it works!