gneamob at yahoo.com
Mon Jul 11 17:24:29 CEST 2005
You may need to install, additionally, a web proxy,
such as squid and tell iptables to use it as a
transparent proxy for all internal machines, like
iptables -t nat -A POSTROUTING -s
192.168.10.0/255.255.255.0 -i ethX -p tcp -m tcp
--dport 80 -j DNAT --to-destination 192.168.10.1:3128
where ethX is the interface on the internal network.
--- Payal Rathod <payal-netfilter at scriptkitchen.com>
> I have a rule on my friend's broadband connection to
> redirect traffic
> from outside to an internal machine like,
> iptables -A PREROUTING -d 188.8.131.52 -p tcp -m tcp
> --dport 80 -j DNAT \
> --to-destination 192.168.10.10:80
> But she complained that people from inside the
> network cannot do
> http://184.108.40.206 in their browser and see the site. Is
> she correct?
> What is wrong with my rule because I can see the
> site from outside?
> Thanks in advance.
> With warm regards,
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the netfilter