Commit e364c11a authored by Imran Hussain's avatar Imran Hussain

Don't force stuff going to our own webserver from ourselves through the proxy

parent a7657764
......@@ -518,7 +518,7 @@ $IPT -t nat -A PREROUTING -i $INTERFACE_GUEST -m mark ! --mark 1 -p tcp -m tcp -
$IPT -t nat -A PREROUTING -i $INTERFACE_GUEST -m mark ! --mark 1 -p tcp -m tcp --dport 80 -j DNAT --to 137.44.10.63
# Rest of Transparent Proxy
$IPT -t nat -A PREROUTING ! -i $INTERFACE_OUTSIDE ! -s $PROXY_BOX -p tcp --dport 80 -m policy --dir in --pol none -j DNAT --to $PROXY_BOX:$PROXY_PORT
$IPT -t nat -A PREROUTING ! -i $INTERFACE_OUTSIDE ! -s $PROXY_BOX ! -d $NET_INSIDE -p tcp --dport 80 -m policy --dir in --pol none -j DNAT --to $PROXY_BOX:$PROXY_PORT
# pptp vpns
$IPT -A FORWARD -i $INTERFACE_GUEST -p 47 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment