W dniu 29-Aug-12 13:20, Eliezer Croitoru pisze:
> On 8/29/2012 1:15 PM, Pawel Mojski wrote:
>> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
>> ip.of.my.squid:8081 i have strange error.
> it means that every packet the will go to port 80 will be redirected
> to squid ip+port and it means that the packets from squid are the same
> and will be looped.
> you should use the "-j REDIRECT instead of -j DNAT .
> also I recommend you to be explicit about the interface and ip's that
> will be intercepted by the proxy.
No, they are not.
The first of all, The problem appers even with no redirection. For example.
If I start squid, then telnet localhost 8081, the do:
GET / HTTP/1.0
Host: aol.com
then squid are going to connect to himself to port 8081. And doing it in
a loop.
The second think is the ip address of the squid i public ip address and
the router when I'm, doing redirect is somewhere in the internet
(ofcourse added to accepted acl).
But, Let's forgot redirections. Why it not work when I just start a
squid and connect to 8081 port?
Regards;
Pawel
Received on Wed Aug 29 2012 - 13:08:08 MDT
This archive was generated by hypermail 2.2.0 : Wed Aug 29 2012 - 12:00:08 MDT