Iptables configuration for a transparent proxy for a single user
leandro noferini
lnoferin at cybervalley.org
Thu May 14 20:46:37 UTC 2009
John Brooks ha scritto:
> Removing '-t nat' from the last rule should do what you need. Only the
> first two really need to be in the NAT table (because they are
> modifying the traffic, not filtering it).
[...]
> > iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --syn -j REDIRECT --to-ports 9040
> > iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
> > iptables -t nat -A OUTPUT -m owner --uid-owner anonymous -j DROP
[...]
Ok, now ipfilter does not complain but I cannot connect anymore.
:-(
I will investigate more.
--
Ciao
leandro
Io non voglio sapere tutto, io voglio capire tutto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 306 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20090514/e2c733f2/attachment.pgp>
More information about the tor-talk
mailing list