[Sysadmins] Правила на iptables для заворачивания http-трафика на прокси
Timur Batyrshin
=?iso-8859-1?q?batyrshin_=CE=C1_ieml=2Eru?=
Ср Май 7 11:43:27 MSD 2008
On Tue, 6 May 2008 23:51:31 +0700
Vyatcheslav Perevalov wrote:
> > > > ................... -- MASQUARADE.
> > >
> >
> > .........................................................................................
> >
> > Что-нибудь подобное, если по аналогии с правилом для MASQUARADE
> > делать:
>
> Я ничего не путаю? разве не MASQU_E_RADE (подчёркнуто мной)?
>
Ага, точно, прощу прощения за невнимательность:
MASQUERADE
This target is only valid in the nat table, in the POSTROUTING
chain. It should only be used with dynami- cally assigned IP
(dialup) connections: if you have a static IP address, you should use
the SNAT target. Masquerading is equivalent to specifying a mapping to
the IP address of the interface the packet is going out, but also
has the effect that connections are forgotten when the interface goes
down. This is the correct behavior when the next dialup is unlikely to
have the same interface address (and hence any estab- lished
connections are lost anyway).
Подробная информация о списке рассылки Sysadmins