On Sun, 29 Apr 2007, Colin O'Keeffe wrote:
> I;m also running apache on the box , currently port 8080, but i'd
> like to have it on port 80. So, can iptables detect a http request
> for the linux box and pass the request to apache and anything that
> doesnt have an ultimate destination of the linux box be passed
> through the proxy.?? How do I do it?
# iptables -t nat -v -L PREROUTING
Chain PREROUTING (policy ACCEPT 85M packets, 6139M bytes)
pkts bytes target prot opt in out source destination
85M 6140M trans-proxy all -- any any anywhere anywhere
# iptables -t nat -v -L trans-proxy
Chain trans-proxy (1 references)
pkts bytes target prot opt in out source destination
10 600 RETURN tcp -- any any anywhere <webserver IP> tcp dpt:http
275K 14M RETURN tcp -- any any anywhere <other webserver IP> tcp dpt:http
296K 18M REDIRECT tcp -- eth0 any anywhere anywhere tcp dpt:http redir ports 8080
> -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
You need to add 'exceptions' where packets are destined to port 80 on
your webserver, e.g. as above.
regards,
--
Paul Jakma paul at clubi.iepaul at jakma.org Key ID: 64A2FF6A
Fortune:
problem drinker, n.:
A man who never buys.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
