2010/11/29 alfa alfa <alfa.ping...@gmail.com>: > jika menggunakan iptable yang ini : > iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -d 0/0 -j MASQUERADE > iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-port 3128 > > hasil iptables -nL -t nat > > Chain PREROUTING (policy ACCEPT) > target prot opt source destination > REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp > dpt:80 redir ports 3128 > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0 > MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0 > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > jika menggunakan iptable yang ini (saran dari Pak Rahmat Fuadi) : > iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT > --to-port 3128 > > hasil iptables -nL -t nat > Chain PREROUTING (policy ACCEPT) > target prot opt source destination > REDIRECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp > dpt:80 redir ports 3128 > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0 > MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0 > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > -- Kalau seperti ini, gimana? iptables -t nat -A PREROUTING -s 192.168.1.1 -p tcp --dport 80 -j ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:8080 iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
Note: Squid+Router pada satu box dengan ip address 192.168.1.1. hth, Yaya -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke tanya-jawab-unsubscr...@linux.or.id Arsip dan info milis selengkapnya di http://linux.or.id/milis