README: document socksifying router setup.

Note: I don't know source of doc/iptables-packet-flow.png and doc/iptables-packet-flow-ng.png files, their license is unknown. As far as I remember, it's something CC-like and they're quite old: -rw-r--r-- 1 darkk darkk 99799 2007-09-16 07:00 iptables-packet-flow.png -rw-r--r-- 1 darkk darkk 287299 2009-10-09 10:42 iptables-packet-flow-ng.png
xunmengfeng · Mar 25, 2012 · d1d5b70 · d1d5b70
1 parent 93073ce
commit d1d5b70
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 0 deletions.
diff --git a/README b/README
@@ -149,6 +149,14 @@ luser$ sg socksified -c id
 uid=1000(luser) gid=1001(socksified) groups=1000(luser),1001(socksified)
 luser$ sg socksified -c "firefox"
 
+# If you want to configure socksifying router, you should look at
+# doc/iptables-packet-flow.png and doc/iptables-packet-flow-ng.png
+# Note, you should have proper `local_ip' value to get external packets with
+# redsocks, default 127.0.0.1 will not go. See iptables(8) manpage regarding
+# REDIRECT target for details.
+# Depending on your network configuration iptables conf. may be as easy as:
+root# iptables -t nat -A PREROUTING --in-interface eth_int -p tcp -j REDSOCKS
+
 Note about GID-based redirection
 ========
 Keep in mind, that changed GID affects filesystem permissions, so if your

diff --git a/README.html b/README.html
@@ -150,6 +150,14 @@ <h2>iptables example</h2>
 <strong>luser$</strong> <code>sg socksified -c id</code>
 uid=1000(luser) gid=1001(socksified) groups=1000(luser),1001(socksified)
 <strong>luser$</strong> <code>sg socksified -c "firefox"</code>
+
+# If you want to configure socksifying router, you should look at
+# <a href="doc/iptables-packet-flow.png">doc/iptables-packet-flow.png</a> and <a href="doc/iptables-packet-flow-ng.png">doc/iptables-packet-flow-ng.png</a>
+# Note, you should have proper `local_ip' value to get external packets with
+# redsocks, default 127.0.0.1 will not go. See iptables(8) manpage regarding
+# <a href="http://dev.medozas.de/files/xtables/iptables.html#76">REDIRECT target</a> for details.
+# Depending on your network configuration iptables conf. may be as easy as:
+<strong>root#</strong> <code>iptables -t nat -A PREROUTING --in-interface eth_int -p tcp -j REDSOCKS</code>
 </pre>
 
 <h3>Note about GID-based redirection</h3>

diff --git a/doc/iptables-packet-flow-ng.png b/doc/iptables-packet-flow-ng.png
diff --git a/doc/iptables-packet-flow.png b/doc/iptables-packet-flow.png