Fred Stluka on 7 Jun 2013 14:57:25 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Setting up a proxy via iptables?...


Thanks for the thought, Kevin.  I had a more serious problem
(now fixed), but I'll keep this in mind if I ever make a change
and it seems to be caching the old behavior.

--Fred
------------------------------------------------------------------------
Fred Stluka -- mailto:fred@bristle.com -- http://bristle.com/~fred/
Bristle Software, Inc -- http://bristle.com -- Glad to be of service!
Open Source: Without walls and fences, we need no Windows or Gates.
------------------------------------------------------------------------

On 6/6/13 6:47 PM, Kevin McAllister wrote:
On Jun 6, 2013, at 6:19 PM, Fred Stluka<fred@bristle.com>  wrote:

PLUG folks,

Do any of you have experience with setting up a proxy via
iptables.  Should be just 3 simple iptables commands, but I
tried and couldn't make it work.
[...]

I didn't have a chance to read all your notes but I had a similar problem recently.  Basically once iptables makes a decision doing NAT and creates a connection in it's conntrack it won't go to the PRE and POST routing rules again to make that decision unless the connection goes away.  The way I've gotten around this on CentOS is to simply do /sbin/service iptables save; /sbin/service iptables restart

But be cautious, I won't be there to help when you take the network down.  I'm already scheduled to do some network takedown myself tonight.

There may be a less abrupt way to do it.  And I might have gotten some of the details wrong but your situation sounded similar to mine.  Hopefully Julien Doesn't see this and cringe too much :-)
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug