From ImageStream Router Documentation

Revision as of 15:15, 21 April 2011 by Syoder (Talk | contribs)
Jump to: navigation, search

ImageStream's current Netsweeper implementation supports using an external policy server, and the xtables jump target tee.

The following configuration assumes that your customer's traffic is coming in on the Ethernet1, and that your NetSweeper Policy Server uses the IP address

iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j TEE --gateway

This configuration should be used on any router that a customer is using to access the internet.

To check if the match is working use the following command:

iptables -t mangle -L -n -v
Chain PREROUTING (policy ACCEPT 2258K packets, 2824M bytes)
pkts bytes target     prot opt in     out     source               destination
328K   65M TEE        all  --  eth1   *        TEE gw:
Personal tools
Router software releases