Passing all packets to one address and port in ubuntu?

M

Marat Rakhmatullin2011-01-21 13:24:58

ubuntu

Marat Rakhmatullin, 2011-01-21 13:24:58

Following on from the previous question
Given:
1. An enterprise network with a Windows Internet proxy,
2. An Ubuntu server that communicates with this proxy using the cntlm utility . This utility listens to 127.0.0.1:6666 (we specify it in http_proxy) and then communicates with the Windows proxy itself (authenticates, etc.).
3.Some things don't work on Ubuntu server like fopen() in php
Question:
Is it possible to redirect all network packets to 127.0.0.1:6666 and will it help?
For example, using iptables
Write in more detail, with the expectation of a newbie ~~lamer .~~

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

C

cjey, 2011-01-21
@cjey

in my understanding there should be something like this:
iptables -t nat -A POSTROUTING -i eth* -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:6666
but there is no way to check.

C

cjey, 2011-01-21
@cjey

although it's probably more correct:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:6666

M

merlin-vrn, 2011-01-21
@merlin-vrn

Firstly, redirecting “all ports” there will not help. It will help only for those with which the proxy “at the other end” will allow you to work. That is, if CONNECT is allowed on the 25th port, then SMTP will work, but this port is almost never allowed, etc.
Secondly, the rule for redirecting http traffic to a transparent proxy:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 6666
if desired, you can stick several ports into the rule - for example, 443: -p tcp -m multiport --dports 80,443