SLUG Mailing List Archives
Re: [SLUG] blocking port 80 on firewall.
- To: Ken Foskey <foskey@xxxxxxxxxxxxxxxx>
- Subject: Re: [SLUG] blocking port 80 on firewall.
- From: Keith Hopkins <hne@xxxxxxxxxx>
- Date: Sun, 02 May 2004 19:38:53 +1000
- Cc: slug@xxxxxxxxxxx
- Organization: Hopkins Network Engineering
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113
Ken Foskey wrote:
> On Sun, 2004-05-02 at 17:08, Ken Foskey wrote:
>>>And.... How do I block port 80 on eth1 using ipmasq (ipchains) under
>>All I need to do now is figure out how to ensure the proxy is used.
> Turns out that I am using iptables (K 2.4.26) I think this command
> should do the drop that I want.
> iptables -A INPUT -j DROP -p tcp -d 0/0 --destination-port www
> Is this right, will is stop squid going out?
> Where do I put this in the startup to make it work?
Instead of blocking port 80, you could also consider redirecting it to the port used by squid. Something like:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
This works for me (transparent proxying) under SuSE.
Found in Sydney,