[lug] Transparent proxy on localhost
Zan Lynx
zlynx at acm.org
Tue Aug 21 09:49:19 MDT 2007
On Mon, 2007-08-20 at 22:31 -0600, Michael Hirsch wrote:
> I'm trying to set up a transparent proxy on localhost. (I'm trying to
> filter my kids' web browsing.) I have the proxy all setup and
> working, but I can't figure out how to get it to happen transparently.
> Here's what I've tried:
[snip]
> iptables -t nat -i lo -A PREROUTING -p tcp --dport 80 -j LOG
> iptables -t nat -i lo -A PREROUTING -p tcp --dport 80 -j REDIRECT
> --to-ports 8080
>
> but there's no change in behavior. The web connection is unfiltered.
>
> What am I doing wrong?
Try the nat OUTPUT chain instead. Connections from the local machine
are handled specially in both the nat and filter tables.
--
Zan Lynx <zlynx at acm.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20070821/36a5c86e/attachment.pgp>
More information about the LUG
mailing list