Ol� a todos estou tentando habilitar proxy transparente sobre um NAT j� existente.
O Meu SCRIPT de firewall est� a� em baixo !! � um interface externa e duas mascaradas internamente . O NAT funciona , mas o proxy transparente n�o. Desde j� agrade�o a qualquer ajuda Lucas _______________________________________________________________________________________ #!/bin/sh # IPTABLES=/usr/local/sbin/iptables EXTIF="eth0" INTIF="eth1" INTIF2="eth2" echo " Interface Externa: $EXTIF" echo " Interface 1: $INTIF" echo " Interface 2: $INTIF2" echo " habilitando forwarding.." echo "1" > /proc/sys/net/ipv4/ip_forward $IPTABLES -P INPUT ACCEPT $IPTABLES -F INPUT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -F OUTPUT $IPTABLES -P FORWARD DROP $IPTABLES -F FORWARD $IPTABLES -t nat -F $IPTABLES -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF" ########################## Ligando Proxy Transparente ########## $IPTABLES -t nat -A PREROUTING -i $EXTIF -p tcp --dport 80 -j REDIRECT --to-port 3128 $IPTABLES -t nat -A PREROUTING -i $INTIF -p tcp --dport 80 -j REDIRECT --to-port 3128 $IPTABLES -t nat -A PREROUTING -i $INTIF2 -p tcp --dport 80 -j REDIRECT --to-port 3128 ################################################################### $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j SNAT --to 200.16.77.38 Assinantes em 21/01/2003: 2243 Mensagens recebidas desde 07/01/1999: 197942 Historico e [des]cadastramento: http://linux-br.conectiva.com.br Assuntos administrativos e problemas com a lista: mailto:[EMAIL PROTECTED]
