[Shorewall-newbies] REDIRECT rule

Tom Eastep teastep at shorewall.net
Fri Feb 20 13:19:20 PST 2004


On Friday 20 February 2004 12:48 pm, Sakthivel Subramanian wrote:
> Hi,
>
> I am trying to redirect WWW from LAN to the SQUID proxy running on the
> firewall box except for certain destinations. I used the following rule and
> it works fine.
> # Redirect WWW access to proxy
> REDIRECT        loc     8080      tcp   www      -      !10.10.9.1
>
> But I don't want to redirect if the www request is destined for three
> subnets on the eth0 interface (192.168.1.0/24, 192168.2.0/24,
> 192.168.3.0/24). These three subnets are defined a three zones in the zones
> file. How do I specify an subnet to exclude in the REDIRECT rule. I tried
> the following and it didn't work.
> # Redirect WWW access to proxy
> REDIRECT        loc     8080      tcp   www      -
> !10.10.9.1,192.168.1.2-192.168.1.254
>

REDIRECT loc 8080 tcp www - !10.10.9.1,192.168.1.0/24,192.168.2.0/24

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-newbies mailing list