iptables to accept HTTP traffic to one domain only

The request is as follows:

  1. Redirect all requests to the internet “http” to a local server 192.168.2.100/24.

  2. Accept the requests to the www.example.com domain.

This is a wifi service in the community so that visitors can only access www.example.com and if another web page is detected, then redirect to the local server.

I’m trying this:

It works, but does not allow requirement 2.

Accept requests to the domain www.example.com (this does not work)

iptables -A INPUT -m mark --mark 98 -p tcp -d www.example.com --dport 80 -j ACCEPT

Redirect all requests to the internet to the local server (This works)

iptables -N inter4 -t mangle
iptables -t mangle -A PREROUTING -j inter4
iptables -t mangle -A inter4 -j MARK --set-mark 99
iptables -t mangle -A inter4 -j LOG --
iptables -t nat -A PREROUTING -m mark --mark 99 -p tcp --dport 80 -j DNAT \
         --to-destination 192.168.2.100:8080
iptables -A FORWARD -p udp --dport 53 -j ACCEPT

Thanks.
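
The redirect in the question happens in nat PREROUTING, before the filter chains are consulted, so an exemption for the allowed site has to be matched in the nat table ahead of the DNAT rule. The following is an added example, not part of the original post: it prints (without applying) such a rule set, with the exempted addresses validated first. The chain name `portal` and the sample addresses are assumptions; the portal address is the one from the question.

```shell
#!/bin/sh
# Added example: print nat rules that skip the portal redirect for an allow-list.
# iptables matches addresses, not names: a hostname given to -d is resolved once,
# when the rule is added, so the allow-list is passed here as explicit IPv4 addresses.
PORTAL="192.168.2.100:8080"   # local server from the question

# is_ipv4 ADDR -> status 0 if ADDR is a dotted quad with every octet in 0..255
is_ipv4() {
    case "$1" in
        *[!0-9.]*|""|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only, so no globbing
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# portal_rules IP... -> prints iptables commands: allow-list first, DNAT last
portal_rules() {
    echo "iptables -t nat -N portal"
    echo "iptables -t nat -A PREROUTING -p tcp --dport 80 -j portal"
    for ip in "$@"; do
        if is_ipv4 "$ip"; then
            # RETURN leaves the chain before the DNAT rule: destination unchanged
            echo "iptables -t nat -A portal -d $ip -j RETURN"
        else
            # An address that fails validation stays redirected (fails closed)
            echo "skipping invalid address: $ip" >&2
        fi
    done
    echo "iptables -t nat -A portal -p tcp -j DNAT --to-destination $PORTAL"
}

# Constructed sample addresses (TEST-NET-3). On the router, the real ones can be
# listed with: getent ahostsv4 www.example.com | awk '{print $1}' | sort -u
portal_rules 203.0.113.10 203.0.113.11
```

The output can be reviewed and then piped to `sh` as root. The allow-list has to be regenerated whenever the site's addresses change, and the filter table must still permit forwarding to those addresses.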
