Needed changings for new version of iptables

leandro noferini lnoferin at cybervalley.org
Wed Jan 7 05:32:52 UTC 2009


Ciao a tutti,

I am using the method explained at
http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy  to have
a trasparent proxy for a specifical user on a debian/i386 unstable.

I use these rules for iptables:

iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anoymous -m tcp --syn -j REDIRECT --to-ports 9040
iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anoymous -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A OUTPUT -m owner --uid-owner anoymous -j DROP

But since some  days ago a new version of  iptables (1.4.2-2) arrived in
distribution and I am having this error message:

The "nat" table is not intended  for filtering, hence the use of DROP is
deprecated and will permanently be disabled in the next iptables release. Please adjust your scripts.

How I could change the above script for the new iptables version?

-- 
Ciao
leandro
Un esteso e "normale" uso della crittografia è il sistema più forte
per rivendicare il diritto alla privacy nelle comunicazioni
telematiche: come tutti i diritti e come i muscoli se non viene
esercitato costantemente si atrofizza e va perso.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20090107/c7ddfce4/attachment.pgp>


More information about the tor-talk mailing list