Iptables and proxy prerouting redirect
dustin at larmeir.com
dustin at larmeir.com
Sun Jan 17 00:17:58 UTC 2010
Hello everyone, this may be a simple fix but was wondering how to go about
the following. I have 2 systems on my network, 1 a redhat 4.x box acting as
a router and the other another system working as a dedicated proxy. The
dedicated proxy resides on the network that the router serves and I was
wondering how I could configure iptables to route port 80 requests from the
router machine to the other machine's proxy running on port 8080 - below is
some more specifics:
As shown below my router serves its dhcp off of eth 1:
[root at gateway ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:C0:4F:5E:4E:02
inet addr:192.168.1.9 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::2c0:4fff:fe5e:4e02/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:254428 errors:0 dropped:0 overruns:0 frame:0
TX packets:128178 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:339207909 (323.4 MiB) TX bytes:31298432 (29.8 MiB)
Interrupt:11 Base address:0xdc00
eth1 Link encap:Ethernet HWaddr 00:0E:2E:91:DF:08
inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::20e:2eff:fe91:df08/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:93762 errors:0 dropped:0 overruns:0 frame:0
TX packets:145855 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:28534050 (27.2 MiB) TX bytes:120473831 (114.8 MiB)
Interrupt:10 Base address:0x6400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:14234 errors:0 dropped:0 overruns:0 frame:0
TX packets:14234 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3585239 (3.4 MiB) TX bytes:3585239 (3.4 MiB)
My proxy runs on the ip of 10.0.0.249:8080
I know to have systems run through the proxy on the router I could use :
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 8080
How could I modify this to reroute me to 10.0.0.249:8080 which is my other
proxy?
Any input on this would be greatly appreciated.
Thank you,
Dustin
More information about the redhat-list
mailing list