Public domain
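#!/bin/bash
# Transparent HTTP interception on a NAT gateway whose Squid cache sits on the
# same LAN segment as the clients. Port-80 traffic arriving from the LAN is
# rewritten to the cache's port 3128; everything leaving the external
# interface is masqueraded.
#
# Exit statuses are not checked: if one iptables call fails, the later rules
# are still applied and the nat table can end up partially configured.
INTIF="eth0"
EXTIF="eth1"
LAN="192.168.246.0/24"
CACHE="192.168.246.2"
FIREWALL="192.168.246.1"

# Flush NAT rules.
# -F with no chain name empties every chain in the nat table, including rules
# installed by other tools on this host.
iptables -t nat -F

# Main Source NAT: hide all traffic leaving the external interface behind the
# firewall's external address.
iptables -t nat -A POSTROUTING -o "$EXTIF" -j MASQUERADE

# Cache Redirect
# LAN-to-LAN destinations leave the nat PREROUTING chain here, so the DNAT
# rule below never rewrites them. ACCEPT in the nat table only ends NAT
# processing for the packet; it is not a filter-table permit.
iptables -t nat -A PREROUTING -i "$INTIF" -d "$LAN" -j ACCEPT

# Send port-80 traffic from every LAN host except the cache to the cache.
# The cache's own outbound requests are excluded so they are not looped back.
# Negation is written before the option ("! -s"); the older "-s ! addr" form
# is deprecated by iptables.
iptables -t nat -A PREROUTING -i "$INTIF" ! -s "$CACHE" -p tcp --dport 80 \
  -j DNAT --to-destination "${CACHE}:3128"

# Rewrite the source of traffic forwarded to the cache so that replies come
# back through the firewall instead of going straight to the client.
# Side effect: the cache sees the firewall address as the client for every
# intercepted request, so per-client ACLs and access-log attribution on the
# cache no longer identify the real host. The match is not limited to
# tcp/3128, so any other traffic routed out $INTIF to the cache is rewritten
# as well.
iptables -t nat -A POSTROUTING -o "$INTIF" -d "$CACHE" \
  -j SNAT --to-source "$FIREWALL"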
# Pejman Moghadam
# Wed May 6 18:20:24 IRDT 2009
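#!/bin/bash
# Policy-routing variant: instead of rewriting addresses with DNAT, port-80
# packets are marked and routed to the cache host with their original source
# and destination intact.
# NOTE(review): the cache host presumably has to intercept the forwarded
# port-80 traffic itself; that part is not shown here. Confirm before use.
CACHE="172.16.20.10"
INTIF="eth1"

# Remove any copies of the rule left by earlier runs; "ip rule add" does not
# deduplicate, so repeated runs would otherwise stack identical entries.
while ip rule del fwmark 1000 table 4 2>/dev/null; do :; done
ip rule add fwmark 1000 table 4

# "replace" installs the route whether or not table 4 already has a default;
# "add" fails on a second run because the route exists.
ip route replace default via "$CACHE" dev "$INTIF" table 4

# Only the PREROUTING chain of the mangle table is flushed; any other marking
# rules kept in that chain are removed with it.
iptables -t mangle -F PREROUTING

# Mark port-80 traffic arriving on $INTIF from every host except the cache.
# Excluding the cache keeps its own outbound requests from being routed back
# to it. Negation precedes the option ("! -s"); "-s ! addr" is deprecated.
iptables -t mangle -A PREROUTING -i "$INTIF" ! -s "$CACHE" -p tcp --dport 80 \
  -j MARK --set-mark 1000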
BY: Pejman Moghadam
TAG: iptables, squid, iproute
DATE: 2009-05-27 23:54:11