How can I configure a transparent proxy for all users in my internal network, on a server using Linux kernel 2.4.19 and Squid 2.4.7, with:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
and, on the same server, not configure the transparent proxy for only one user of the same internal network?
Can I insert one iptables command to configure this exception to the interception?
Can anybody write this line for me?
If you can have this one user on a static IP address, you can just add "-s ! <users_IP>" to your existing iptables rule, e.g.
iptables -t nat -A PREROUTING -i eth0 -s ! <users_IP> -p tcp --dport 80 -j REDIRECT --to-port 3128
If you can't get the one user on a static IP address, you'd leave your existing rule as-is and add another one before it in the table using the RETURN target, like this:
iptables -t nat -I PREROUTING 1 -s <users_IP> -j RETURN
When the <users_IP> changes, you need to arrange for the deletion and reinsertion of this rule dynamically.
-- ========================= Tom Lahti Tx3 Online Services
(888)4-TX3-SVC (489-3782) http://www.tx3.net/ -- =========================
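
The dynamic deletion and reinsertion mentioned in the reply above could be scripted as follows. This is an added example, not part of the original thread; the IPTABLES and STATE variables, the state file path and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. IPTABLES and STATE are assumed
# names; set IPTABLES="echo iptables" for a dry run.
IPTABLES="${IPTABLES:-iptables}"
STATE="${STATE:-/var/run/proxy-exempt.ip}"

# Accept only a dotted-quad IPv4 address so nothing else reaches a root
# command line. The subshell body keeps the IFS change local.
valid_ip() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Swap the exemption for the previously recorded address for one matching
# the new address.
update_exempt() {
    new_ip=$1
    valid_ip "$new_ip" || { echo "refusing invalid address: $new_ip" >&2; return 1; }
    old_ip=
    [ -r "$STATE" ] && old_ip=$(cat "$STATE")
    # Nothing to do if unchanged (assumes the rule set was not flushed).
    [ "$old_ip" = "$new_ip" ] && return 0
    # Delete by rule specification, so rule positions do not matter.
    if valid_ip "$old_ip"; then
        $IPTABLES -t nat -D PREROUTING -s "$old_ip" -j RETURN || true
    fi
    # Insert at position 1 so it is evaluated before the REDIRECT rule.
    $IPTABLES -t nat -I PREROUTING 1 -s "$new_ip" -j RETURN || return 1
    echo "$new_ip" > "$STATE"
}

# Usage: script <new_ip>
if [ "$#" -gt 0 ]; then update_exempt "$1"; fi
```

Call it with the user's new address from whatever event reports the change; the address is validated before it is handed to iptables because the script runs as root.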
