Re: [squid-users] transparently redirect traffic to the Squid wit h L4-7 switch

From: Joe Cooper <[email protected]>
Date: Thu, 24 Oct 2002 20:11:13 -0500

Comments inline:

Hicks, Rick wrote:
> Thanks Joe. So what should our webswitch do with the packet then ? should we
> still redirect packets to port 3128 or perhaps 80 ?

Doesn't matter. You've just got to intercept it when it gets there.
I'd leave it on port 80.

> Any idea how to do this with iptables or in RedHat 7.2 vs the example with
> ipchains below, perhaps netfilter on 7.2 ?

iptables -t nat -I PREROUTING 1 -p tcp --dport 80 \
-j REDIRECT --to-port 3128

Ought to do it...But you might need to be more selective for your
environment (i.e. adding a '-s source.ip', or a '-i ethN' to only
redirect those particular users or networks).

-- 
Joe Cooper <joe@swelltech.com>
Web caching appliances and support.
http://www.swelltech.com
Received on Thu Oct 24 2002 - 19:08:14 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:54 MST