I have a script I wrote a while ago to enable my laptop to become a WiFi hotspot which connects via a proxy to give me the ability to be 'in the UK' when I'm overseas.
The script uses redsocks and some iptables stuff so that HTTP and HTTPS connections to the laptop get forwarded across to the proxy server.
So, ssh provides the tunnel to a server in the UK:-
    ssh -fTnN -D 1080 chris@cheddar.halon.org.uk

... and redsocks connects all socks5 requests on port 12345 through to port 1080 to connect to the remote server (portion of redsocks configuration):-

    redsocks {
        /* `local_ip' defaults to 127.0.0.1 for security reasons,
         * use 0.0.0.0 if you want to listen on every interface.
         * `local_*' are used as port to redirect to.
         */
        local_ip = 0.0.0.0;
        local_port = 12345;

        // `ip' and `port' are IP and tcp-port of proxy-server
        // You can also use hostname instead of IP, only one (random)
        // address of multihomed host will be used.
        ip = 127.0.0.1;
        port = 1080;

        // known types: socks4, socks5, http-connect, http-relay
        type = socks5;
    }
What I can't understand is the iptables bits at the end of the script (I presumably copied it from somewhere!):-
    sudo iptables -F
    sudo iptables -t nat -F
    sudo iptables -t nat -A PREROUTING -s 10.42.0.0/24 -p tcp -j REDIRECT --to-ports 12345

The first line I understand (I think): it clears out any existing iptables settings. Then the second line appears to do the same thing; does the second line actually do anything other than clear out part of what the first line has already done?
The third line is what confuses me. It seems to me as if, firstly, it's the wrong way round and, secondly, there should be more needed to make it all work as intended.
The intent of the whole thing is that WiFi clients (e.g. my kindle lookalike, or my phone) can connect to the laptop (which is acting as WiFi server) and have their HTTP/HTTPS requests sent through to the proxy.
It reads to me as if requests *from* the 10.42.0.0/24 network get redirected but that's all wrong. The LAN with the laptop on it is 192.168.0.0/16 (or is it 192.168.0.0/8) and that line is only supposed to do things to 'a packet that creates a new connection'.
However it did all work OK when I first tried it and probably still does if I get it configured right. What I'm confused about is that 10.42.0.0/24 IP, where does that come from? Is it the local LAN's or something else?
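Added example, not part of the original post: a dry-run script that emits the iptables commands the script above uses, but narrowed so that only new TCP connections from the hotspot clients to ports 80/443 are sent to redsocks, and traffic to the laptop itself or other private ranges is left alone. The hotspot interface name `wlan0` is an assumption; the 10.42.0.0/24 subnet and redsocks port 12345 are the values from the post.

```shell
#!/bin/sh
# Assumptions: the hotspot interface is wlan0 (hypothetical name);
# 10.42.0.0/24 and redsocks port 12345 come from the post above.
HOTSPOT_IF="${HOTSPOT_IF:-wlan0}"
HOTSPOT_NET="10.42.0.0/24"
REDSOCKS_PORT=12345

# Print one iptables command per line; nothing is executed here.
build_redirect_rules() {
    # Flush only the nat PREROUTING chain. The nat table is separate from
    # the filter table, so a plain 'iptables -F' never touches these rules.
    echo "iptables -t nat -F PREROUTING"
    # Let hotspot clients reach the laptop (10.42.0.1) and other private
    # networks directly instead of pushing that traffic through the proxy.
    for dst in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        echo "iptables -t nat -A PREROUTING -i $HOTSPOT_IF -s $HOTSPOT_NET -d $dst -j RETURN"
    done
    # The nat table only sees the first packet of a connection, so these
    # rules act once per new TCP connection to a web port from a client.
    for port in 80 443; do
        echo "iptables -t nat -A PREROUTING -i $HOTSPOT_IF -s $HOTSPOT_NET -p tcp --dport $port -j REDIRECT --to-ports $REDSOCKS_PORT"
    done
}

# Number of commands that would be run (sanity check for the dry run).
rule_count() {
    build_redirect_rules | grep -c '^iptables'
}

# Run with "apply" as root to execute the rules; the default is a dry run.
if [ "${1:-}" = "apply" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "apply needs root" >&2; exit 1; }
    build_redirect_rules | while IFS= read -r cmd; do eval "$cmd"; done
else
    build_redirect_rules
fi
```

Run it with no arguments to review the exact commands before running it again with `apply` as root.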