Re: [plug] allowing irc on iptables

Thu, 12 Jun 2003 04:49:41 -0700 

On Fri, 6 Jun 2003, Lito A. Lampitoc wrote:

Hi Lito,

> Hi All,
>
> I have two questions:
>
> 1. how do you allow IRC on iptables? the following lines doesnt seem to
> work:
>
> iptables -A INPUT -p tcp --dport 113 -m state --state NEW -j ACCEPT

have you tried:
iptables -t filter -A INPUT -i eth0 -p tcp -d 0/0 --dport 113 -j ACCEPT


>
> 2. how do yo allow transparent proxy? the following lines doesnt work
> for me too:
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 8080

This is how i setup transparent proxy on a RedHat 8.0.

on iptables:

echo "1" > /proc/net/sys/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128

on squid.conf:
httpd_accel_host virtual
httpd_accel_port 80

httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Be sure your kernel supports transparent proxy, sometimes stock kernel
disables transparent proxy by default.

might try to check this on kernel side:

Under General Setup
  Networking support
  Sysctl support
Under Networking Options
  Network packet filtering
  TCP/IP networking
Under Networking Options -> IP: Netfilter Configuration
  Connection tracking
  IP tables support
  Full NAT
  REDIRECT target support
Under File Systems
  /proc filesystem support

You must say NO to ``Fast switching'' under Networking Options.


HTH

Glynn


>
> yes, httpd_accel and the likes are already set.
>
> Thanks.
> --
> Lito A. Lampitoc                :http://www.codewan.com.ph
> Systems & Network Administrator :Countrywide Devt. Wide Area Network
>
> --
> Philippine Linux Users' Group (PLUG) Mailing List
> [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
> Official Website: http://plug.linux.org.ph
> Searchable Archives: http://marc.free.net.ph
> .
> To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
> .
> Are you a Linux newbie? To join the newbie list, go to
> http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
>
--
Philippine Linux Users' Group (PLUG) Mailing List
[EMAIL PROTECTED] (#PLUG @ irc.free.net.ph)
Official Website: http://plug.linux.org.ph
Searchable Archives: http://marc.free.net.ph
.
To leave, go to http://lists.q-linux.com/mailman/listinfo/plug
.
Are you a Linux newbie? To join the newbie list, go to
http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie

Reply via email to