Can iptables allow Squid to process a request, then redirect the response packets to another port?

Posted by Dan H on Server Fault See other posts from Server Fault or by Dan H
Published on 2010-04-01T19:59:27Z Indexed on 2010/04/01 20:03 UTC
Read the original article Hit count: 423

Filed under:

proxy

I'm trying to test a fancy traffic analyzer app, which I have running on port 8890.

My current plan is to let any HTTP request come into Squid, on port 3128, and let it process the request, and then just before it sends the response back, use iptables to redirect the response packets (leaving port 3128) to port 8890.

I've researched this all night, and tried many iptables commands, but I'm missing something and my hair is falling out.

I thought something like this would work:
iptables -t nat -A OUTPUT -p tcp --sport 3128 -j REDIRECT --to-ports 8990
This rule gets created ok, but it never redirects anything.

Is this even possible? If so, what iptables incantation could do it? If not, any idea what might work on a single host, given multiple remote browser clients?

Can iptables allow Squid to process a request, then redirect the response packets to another port?

Posted by Dan H on Stack Overflow See other posts from Stack Overflow or by Dan H
Published on 2010-04-01T09:10:54Z Indexed on 2010/04/01 9:13 UTC
Read the original article Hit count: 423

Filed under:

iptables

I'm trying to test a fancy traffic analyzer app, which I have running on port 8890.

My current plan is to let any HTTP request come into Squid, on port 3128, and let it process the request, and then just before it sends the response back, use iptables to redirect the response packets (leaving port 3128) to port 8890.

I've researched this all night, and tried many iptables commands, but I'm missing something and my hair is falling out.

Is this even possible? If so, what iptables incantation could do it? If not, any idea what might work on a single host, given multiple remote browser clients?

Developer IT