On Fri, Feb 22, 2008 at 5:04 PM, Martin Acupanda <[EMAIL PROTECTED]> wrote:
> You are correct. I'd like to capture all http ("web") traffic.
In short, you want to intercept all HTTP traffic. Nothing nasty in
mind, I hope? ;)
>
> Additionally, I saw this from a script for transparent proxy.
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
>
> What is the difference (or similarity if any) between "-j REDIRECT"
> above and "-j DNAT" in my earlier post?
http://www.faqs.org/docs/iptables/targets.html#DNATTARGET offers a
very lucid explanation of what you want to accomplish. REDIRECT is
for, uhm, redirecting traffic from one port to another port within the
*same host*. DNAT forwards a packet to its real destination, to a
non-routable internal host, for example.
--
Ian Dexter R. Marquez
http://feeds.iandexter.net/Coredump
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
