adrien wrote:Hi
when you redirect the connection to the WinGate server, do you redirect it to (e.g. the destination IP on the connection is changed / NATted to the IP of WinGate) or is it diverted VIA WinGate (destination IP doesn't change but packet is forwarded to WinGate at ethernet/MAC layer)?
If the former, then WinGate will see it as a server request, which may be rejected by default. If you can't change the forwarding properties in the router, then you could try changing the default site in the WWW proxy "web server" tab and set the action to "Proxy". In this case it checks the host header, and connects out to that host and then relays as a proxy.
If the latter, then WInGate would need to be intercepting port 80 in the proxy.
Regards
Adrien
Hi Adrien,
I'm not 100% on that. I'm familiar with the basics of Iptables so I'm not sure if it's modifying the packets or not. (changing the destination IP)
Using this in the router's firewall results in the Wingate server denying all of my webpage requests. (I can still use the router#2's webpage)
#!/bin/sh
PROXY_IP=192.168.1.3
PROXY_PORT=80
LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`
iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT
I got that from this webpage:
http://www.dd-wrt.com/phpBB2/viewtopic. ... 5c4c95296dUsing this command doesn't seem to do anything however...:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 192.168.1.3:80 (from:
http://unix.stackexchange.com/questions ... es-locally )
So that's what I'm doing but I don't know if it's messing with the IP headers. Honestly, I'm just plugging things into iptables to get this to work. =/