
Combining rules

To: netfilter@lists.netfilter.org
Subject: Combining rules
From: Ian Moyce <ian@ianmoyce.co.uk>
Date: Thu, 7 Jun 2007 10:18:55 +0100
Hello,

I am trying to combine a load of ip rules, but I am having problems fathoming it out.

I run a VPS with openVPN. I have the following rules:

iptables -t nat -A POSTROUTING -s 192.168.2.3 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.4 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.5 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.6 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.7 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.8 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.9 -j SNAT --to 85.234.144.236
iptables -t nat -A POSTROUTING -s 192.168.2.10 -j SNAT --to 85.234.144.236

Which works great. However, I want any IP traffic from the 192.168.2.x range to be passed through a SOCKS proxy on a specific port, which I have been told can be done with:

#!/bin/sh

LOCAL_NET=192.168.2.0/24
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT DROP
/sbin/iptables -t nat -P OUTPUT ACCEPT
/sbin/iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:5353
/sbin/iptables -t nat -A OUTPUT -o lo -j RETURN
/sbin/iptables -t nat -A OUTPUT -d 127.0.0.1 -j RETURN
/sbin/iptables -t nat -A OUTPUT -d $LOCAL_NET -j RETURN
/sbin/iptables -t nat -A OUTPUT -m owner --uid-owner 103 -j RETURN
/sbin/iptables -t nat -A OUTPUT -p tcp --syn -j DNAT --to-destination 127.0.0.1:1211
/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A OUTPUT -o lo -j ACCEPT
/sbin/iptables -A OUTPUT -d 127.0.0.1 -j ACCEPT
/sbin/iptables -A OUTPUT -d $LOCAL_NET -j ACCEPT
/sbin/iptables -A OUTPUT -m owner --uid-owner 103 -j ACCEPT
/sbin/iptables -A OUTPUT -j LOG
/sbin/iptables -A OUTPUT -j REJECT


If someone is able to help me figure this out, I am offering a reward of £50 (about $100) as it is driving me insane!!!

Thanks

Andy Dixon
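As an added example (not code from the original post): one way to collapse the eight per-host SNAT rules into a single iprange match and keep the proxy exceptions explicit and ordered. It prints the rules instead of applying them unless IPT is set to iptables (IPT is an assumed dry-run variable); catching the forwarded VPN client traffic in PREROUTING with REDIRECT is an assumption about what the post is after, and it only works if the listener on port 1211 understands transparently redirected connections, which a plain SOCKS server does not.

```shell
#!/bin/sh
# Added example, not from the original post. Dry-run by default:
# run with IPT=iptables (as root) to apply. Assumes the iprange match.
set -eu

IPT="${IPT:-echo iptables}"   # "echo iptables" prints rules instead of applying them
PUBLIC_IP=85.234.144.236      # SNAT address used in the post
LOCAL_NET=192.168.2.0/24
FIRST=192.168.2.3             # the eight per-host rules covered .3 through .10
LAST=192.168.2.10
PROXY_PORT=1211               # local proxy port from the post
PROXY_UID=103                 # uid the proxy runs as; its own traffic must not be re-redirected

# One SNAT rule replaces the eight identical per-host rules.
snat_rules() {
    $IPT -t nat -A POSTROUTING -m iprange --src-range "$FIRST-$LAST" \
        -j SNAT --to-source "$PUBLIC_IP"
}

# Traffic generated on the VPS itself (OUTPUT chain, as in the post).
# Order matters: every exception RETURNs before the catch-all DNAT.
local_output_rules() {
    $IPT -t nat -A OUTPUT -o lo -j RETURN
    $IPT -t nat -A OUTPUT -d "$LOCAL_NET" -j RETURN
    $IPT -t nat -A OUTPUT -m owner --uid-owner "$PROXY_UID" -j RETURN
    $IPT -t nat -A OUTPUT -p tcp --syn -j DNAT --to-destination "127.0.0.1:$PROXY_PORT"
}

# Forwarded client traffic never traverses OUTPUT and the owner match cannot
# see it, so it is caught in PREROUTING and handed to the local proxy with
# REDIRECT (assumption: the proxy is transparent-capable).
client_redirect_rules() {
    $IPT -t nat -A PREROUTING -m iprange --src-range "$FIRST-$LAST" \
        -d "$LOCAL_NET" -j RETURN
    $IPT -t nat -A PREROUTING -m iprange --src-range "$FIRST-$LAST" \
        -p tcp --syn -j REDIRECT --to-ports "$PROXY_PORT"
}

# Emits the complete rule set: 1 SNAT + 4 OUTPUT + 2 PREROUTING rules.
generate_all() {
    snat_rules
    local_output_rules
    client_redirect_rules
}

generate_all
```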
