dansguardian + firewall issues

Michael Torrie torriem at gmail.com
Sat Apr 24 21:56:09 MDT 2010


On 04/24/2010 09:53 PM, Michael Torrie wrote:
> Here're the rules I use, as exported by iptables-save:
> 
> *nat
> :PREROUTING ACCEPT [9:690]
> :POSTROUTING ACCEPT [3304:231437]
> :OUTPUT ACCEPT [3302:231317]
> -A OUTPUT -p tcp -m tcp --dport 80 -m owner --uid-owner dansguardian -j
> ACCEPT
> -A OUTPUT -p tcp -m tcp --dport 3128 -m owner --uid-owner dansguardian
> -j ACCEPT
> -A OUTPUT -p tcp -m tcp --dport 8888 -m owner --uid-owner dansguardian
> -j ACCEPT
> -A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
> -A OUTPUT -p tcp -m tcp --dport 3128 -j REDIRECT --to-ports 8080

oops.  Forgot a chain for port 8888, which tinyproxy itself uses:

-A OUTPUT -p tcp -m tcp --dport 8888 -j REDIRECT --to-ports 8080



More information about the PLUG mailing list