linux-users archive

Re: iptables proxy



From: Dan Pritts <danno_at_umich.edu>
Date: Mon, 1 Mar 2010 00:43:25 -0500

if you just omit --protocol tcp --dport 80 it will probably try to
forward everything, but that is probably not what you really want.

some traffic needs to stay local, dhcp for sure. If you don't
configure a DNS server accessible from the remote host you'll want to
keep DNS local too.

On Sun, Feb 28, 2010 at 11:13:59PM -0500, Hans Kokx wrote:
> it looks like that might work. is there a way to forward *all* traffic, not
> just port 80, over the proxy?
>
> On Sun, Feb 28, 2010 at 11:01 PM, Dan Pritts <danno_at_umich.edu> wrote:
>
> > Just tested it on a centos4 system, it worked there.
> >
> > here's the exact command i used
> >
> > iptables -t nat -A OUTPUT --protocol tcp --dport 80 -j DNAT --to-destination dest.ip.here
> >
> > On Sun, Feb 28, 2010 at 10:52:38PM -0500, Hans Kokx wrote:
> > > hrm. didn't seem to do the trick. lynx still reports my comcast IP.
> > >
> > > On Sun, Feb 28, 2010 at 10:46 PM, Dan Pritts <danno_at_umich.edu> wrote:
> > >
> > > > Forgot to cc wlug.
> > > >
> > > > On Sun, Feb 28, 2010 at 10:45:43PM -0500, Dan Pritts wrote:
> > > > > something like
> > > > >
> > > > > > iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination \
> > > > > > host.in.germany.ip.goes.here
> > > > >
> > > > > http://www.linuxtopia.org/Linux_Firewall_iptables/x4013.html
> > > > >
> > > > > "DNAT" is the google-fu you want.
> > > > >
> > > > >
> > > > > On Sun, Feb 28, 2010 at 09:48:06PM -0500, Hans Kokx wrote:
> > > > > > > I'm trying to spoof my IP address on my phone (which is running linux, and
> > > > > > > uses iptables) to make it appear as though I'm in Germany. I have a
> > > > > > > transparent proxy running on port 80 of a machine across the world.
> > > > > >
> > > > > > > On Sun, Feb 28, 2010 at 9:45 PM, Dan Pritts <danno_at_umich.edu> wrote:
> > > > > >
> > > > > > > On Sun, Feb 28, 2010 at 09:40:24PM -0500, Hans Kokx wrote:
> > > > > > > > Hi all..
> > > > > > > >
> > > > > > > > > I'm trying to tunnel traffic on an embedded device through a proxy server,
> > > > > > > > > but all I have available to me is iptables. Any suggestions on going about
> > > > > > > > > accomplishing this task?
> > > > > > >
> > > > > > > > you'll have to say a little bit more about what you're trying to do.
> > > > > > > >
> > > > > > > > does the embedded device run iptables, or are you thinking about running
> > > > > > > > this on another box (the proxy server? something else)? What kind of
> > > > > > > > proxy server are we talking about? what kind of traffic are we talking
> > > > > > > > about?
> > > > > > >
> > > > > > >
> > > > > > > danno
> > > > > > > --
> > > > > > > dan pritts
> > > > > > > danno_at_umich.edu
> > > > > > > 734-929-9770
> > > > > > >
> > > > >
> > > > > danno
> > > > > --
> > > > > dan pritts
> > > > > danno_at_umich.edu
> > > > > 734-929-9770
> > > >
> > > > danno
> > > > --
> > > > dan pritts
> > > > danno_at_umich.edu
> > > > 734-929-9770
> > > --
> > > *** Sent from linux-users@lugwash.org *** http://www.lugwash.org
> > > to unsubscribe: `echo "unsubscribe" | mail linux-users-request_at_lugwash.org`
> >
> > danno
> > --
> > dan pritts
> > danno_at_umich.edu
> > 734-929-9770

danno

--
dan pritts
danno_at_umich.edu
734-929-9770
Received on Mon 01-Mar-2010 12:43:25 AM EST
