[klien] ---> redirect [iptables] ---> [squid] ---> internet
Client yg melakukan koneksi ke internet (port 80) langsung
dilempar oleh iptables ke port squid (port 3128 atau yg lain).
Redirect Port
# Redirect internet port to squid port
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT
--to-ports 3128
# SNAT
iptables -t nat -A POSTROUTING -o [ethernet keluar] -j SNAT
--to-source [ip publik]
# MASQUERADE
iptables -t nat -A POSTROUTING -s [ip LAN] -j MASQUERADE
0 comments:
Post a Comment