Comments inline:
Hicks, Rick wrote:
> Thanks Joe. So what should our webswitch do with the packet then ? should we
> still redirect packets to port 3128 or perhaps 80 ?
Doesn't matter. You've just got to intercept it when it gets there.
I'd leave it on port 80.
> Any idea how to do this with iptables or in RedHat 7.2 vs the example with
> ipchains below, perhaps netfilter on 7.2 ?
iptables -t nat -I PREROUTING 1 -p tcp --dport 80 \
-j REDIRECT --to-port 3128
Ought to do it...But you might need to be more selective for your
environment (i.e. adding a '-s source.ip', or a '-i ethN' to only
redirect those particular users or networks).
-- Joe Cooper <joe@swelltech.com> Web caching appliances and support. http://www.swelltech.comReceived on Thu Oct 24 2002 - 19:08:14 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:54 MST