Redirect selected traffic using Redsocks

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)

Hi all!

For working, I need to access to some services on my company intranet using a SOCKS5 proxy. This is *not* the "official way" (I must use Windows, and I' don't want to). Almost all the services I need works fine using my SOCKS5 proxy (several web services, SSH servers...) but I have problems with 2 of the services.

This 2 services uses Java and Citrix technologies. They work from Debian, because when I work at my company's office I can use it without any problem, but when I'm behind the SOCKS5 proxy, the issues begin.

I just discovered *redsocks*, and as a surprise for me, it's Debian packaged :-) I don't know very much about iptables (I'm reading), but I want to define, on my laptop, a set of iptables rules that, using redsocks, allow me to access to my company problematic services and checks if it could be a solution.

All the manuals I have read perform a full-redirection of all the TCP traffic from the chain OUTPUT to the chain REDSOCKS, and in the REDSOCKS chain, it uses the proxy SOCKS5 to redirect the traffic. How can I modify this behavior to only redirect the needed traffic to the SOCKS5, instead *all* the traffic?

I perform some little tests, but I don't have very good results:iImagine that I need to access to the IP 200.200.200.201 (for example). I added the following rule to iptables:

# iptables -t nat -A OUTPUT -p all -d 200.200.200.201 -j REDSOCKS

Is it ok?

How can I know if a iptables rule is well formed and it is working?

Best regard and thanks in advance :-)

José Luis Segura Lucas







To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/4FC4B7AF.3050103@gmx.es