Bridge with transparent proxy

[Jorge Augusto Senger <jorge () br10 com br>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hy folks,

I'm loosing my mind trying to configure a bridge with transparent proxy.
Here is the scenario, very simple:

[ INTERNET ] <--- eth0 ---> [ BRIDGE ] <--- eth1 ---> [ LAN ]

Well, the bridging functions are working fine. The traffic is passing
trough and I can filter using iptables and ebtables.
But, I can't use -j REDIRECT to some local port. When I put a rule
redirecting traffic on www port to local proxy port, the counters shows
packets passing trough, but nothing happens.
Wondering if it was a squid problem, I tryed to redirect the traffic in
some high port (8000) to port 22 on localhost. Nothing happened too.

About my machine:

Debian Sarge
Kernel 2.6.18 (compiled with all bridge modules)
Iptables 1.3.6 (patched with L7)

Rules:

ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 \
- --ip-destination-port 80 -j redirect --redirect-target ACCEPT

iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 \
- -j REDIRECT --to-port 3128


I hope that you guys can help me.

Thanks a lot,

Jorge Augusto Senger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGSvwqypvwDfwTKYARArCqAJ40LfRFiQtCqGkfLS44cukVD0/etwCeMUrp
6v2QnZwwefco15U8DgBYp4k=
=lBVy
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards