Iptables configuration for a transparent proxy for a single user
leandro noferini
lnoferin at cybervalley.org
Thu May 14 05:15:30 UTC 2009
Hello everyone,
the Tor wiki, at the address
http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy#head-235f10e71909d609c46847c9f91efe8ed5168004
explains the way to apply a transparent proxy for a specific user.
The rules for iptables are
iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --syn -j REDIRECT --to-ports 9040
iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A OUTPUT -m owner --uid-owner anonymous -j DROP
In my Debian unstable Linux (kernel 2.6.29 and iptables 1.4.3.2-2 from
package) these rules don't work anymore and this is the message from
iptables
The "nat" table is not intended for filtering, the use of DROP is therefore inhibited.
Does anyone know the changes needed to make it work again?
--
Bye
leandro
I don't want to know everything, I want to understand everything
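
The error quoted in the post is triggered by the DROP target in the nat table. The script below is an added example, not part of the original post or the Tor wiki: it prints an equivalent rule set with the drop moved to the filter table and includes a check that flags nat-table DROP rules. The filter-table layout, the `-d 127.0.0.1` match and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: prints (does not apply) a rule set for iptables versions
# that refuse DROP in the nat table. User and ports come from the rules in
# the post; the filter-table layout is an assumption of this example.

# Emit the rules: nat only redirects, filter does the dropping.
emit_rules() {
    user=$1 trans_port=$2 dns_port=$3
    own="-m owner --uid-owner $user"
    # nat/OUTPUT: rewrite the destination of new TCP connections and DNS queries.
    echo "iptables -t nat -A OUTPUT -p tcp $own -m tcp --syn -j REDIRECT --to-ports $trans_port"
    echo "iptables -t nat -A OUTPUT -p udp $own -m udp --dport 53 -j REDIRECT --to-ports $dns_port"
    # filter/OUTPUT runs after nat/OUTPUT, so it sees the rewritten destination
    # (REDIRECT maps locally generated packets to 127.0.0.1). Allow exactly the
    # redirected traffic, then drop everything else owned by the user.
    echo "iptables -t filter -A OUTPUT -d 127.0.0.1 -p tcp $own -m tcp --dport $trans_port -j ACCEPT"
    echo "iptables -t filter -A OUTPUT -d 127.0.0.1 -p udp $own -m udp --dport $dns_port -j ACCEPT"
    echo "iptables -t filter -A OUTPUT $own -j DROP"
}

# Lint: read iptables commands on stdin, print every nat-table rule that
# jumps to DROP, and return 1 if any was found.
nat_drop_rules() {
    awk '
    { table = "filter"; target = ""            # iptables defaults to filter
      for (i = 1; i < NF; i++) {
          if ($i == "-t" || $i == "--table") table = $(i + 1)
          if ($i == "-j" || $i == "--jump")  target = $(i + 1)
      }
      if (table == "nat" && target == "DROP") { print; bad = 1 } }
    END { exit bad + 0 }'
}

# Print the rule set for the user and ports used in the post, for review.
emit_rules anonymous 9040 53
```

The output is meant to be reviewed and then run as root; existing rule files can be piped through `nat_drop_rules` to find rules that will hit the same error.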