transparent_proxysh
By: a guest | Apr 28th, 2008 | Syntax: Bash | Size: 1.44 KB | Hits: 98 | Expires: Never
- #!/bin/sh
- iptables -t nat -F # clear table
- iptables -t nat -X
- iptables -t filter -F
- iptables -t filter -X
- # bypass laptop
- iptables -t nat -A PREROUTING -p tcp -i eth1 -s 192.168.0.27 -j ACCEPT
- # chains
- iptables -t nat -N REDGUARDIAN
- iptables -t nat -N REDSQUID
- # normal transparent proxy
- iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j REDIRECT --to-port 8080
- iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 21 -j REDIRECT --to-port 2121
- # handle connections on the same box (192.168.0.2 is a loopback instance)
- gid=`id -g proxy`
- dgid=`id -g dansguardian`
- iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner $gid -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner $dgid -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner 1000 -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --gid-owner 0 -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp --dport 21 -m owner --gid-owner $gid -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp -d 192.168.0.5 --dport 80 -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp -d 192.168.0.27 --dport 80 -j ACCEPT
- iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128
- #iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1:8080
- iptables -t nat -A OUTPUT -p tcp --dport 21 -j DNAT --to-destination 192.168.0.1:2121
create new paste | create new version of this paste
RAW Paste Data
Our Sites: