Kevin McAllister on 6 Jun 2013 15:47:48 -0700

On Jun 6, 2013, at 6:19 PM, Fred Stluka wrote:

> PLUG folks,
> Do any of you have experience with setting up a proxy via
> iptables?  Should be just 3 simple iptables commands, but I
> tried and couldn't make it work.


I didn't have a chance to read all your notes but I had a similar problem recently.  Basically, once iptables makes a decision doing NAT and creates a connection in its conntrack, it won't go to the PRE and POST routing rules again to make that decision unless the connection goes away.  The way I've gotten around this on CentOS is to simply do /sbin/service iptables save; /sbin/service iptables restart

But be cautious, I won't be there to help when you take the network down.  I'm already scheduled to do some network takedown myself tonight.

There may be a less abrupt way to do it.  And I might have gotten some of the details wrong, but your situation sounded similar to mine.  Hopefully Julien doesn't see this and cringe too much :-)
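
Added example, not part of the original message: a shell function that reads lines in the format printed by `conntrack -L` and lists flows that were tracked before a NAT rule existed, which is the situation described above. The proxy address 192.168.1.1:3128, the port 80 match and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in `conntrack -L` format (not real traffic).
# Flow 1 predates the NAT rule: its reply tuple still names the original
# destination, so it is not being sent to the proxy.
# Flow 2 was created after the rule: its reply tuple comes from the proxy.
# Flow 3 is unrelated traffic (port 22).
sample_conntrack() {
cat <<'EOF'
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=203.0.113.7 sport=51234 dport=80 src=203.0.113.7 dst=192.168.1.10 sport=80 dport=51234 [ASSURED] mark=0 use=1
tcp      6 431995 ESTABLISHED src=192.168.1.11 dst=203.0.113.7 sport=40022 dport=80 src=192.168.1.1 dst=192.168.1.11 sport=3128 dport=40022 [ASSURED] mark=0 use=1
tcp      6 431800 ESTABLISHED src=192.168.1.10 dst=192.168.1.1 sport=50001 dport=22 src=192.168.1.1 dst=192.168.1.10 sport=22 dport=50001 [ASSURED] mark=0 use=1
EOF
}

# stale_flows ORIG_DPORT PROXY_IP PROXY_PORT   (hypothetical helper name)
# Reads conntrack lines on stdin. Prints "src sport dst dport" of the original
# tuple for every TCP flow aimed at ORIG_DPORT whose reply tuple does not come
# from PROXY_IP:PROXY_PORT, i.e. flows the NAT rule never got to translate.
stale_flows() {
    awk -v dport="$1" -v pip="$2" -v pport="$3" '
    $1 == "tcp" {
        split("", o); split("", r)          # reset per-line tuples
        for (i = 1; i <= NF; i++) {
            if (split($i, kv, "=") != 2) continue
            # First time a key appears it belongs to the original tuple,
            # the second time to the reply tuple.
            if (kv[1] in o) r[kv[1]] = kv[2]; else o[kv[1]] = kv[2]
        }
        if (o["dport"] == dport && (r["src"] != pip || r["sport"] != pport))
            print o["src"], o["sport"], o["dst"], o["dport"]
    }'
}

# On a live box the input would come from `conntrack -L -p tcp` (conntrack-tools).
sample_conntrack | stale_flows 80 192.168.1.1 3128
```

Removing only the listed entries with `conntrack -D` instead of restarting the iptables service is an assumption about a gentler alternative, not something tested in this thread.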
