[CS-FSLUG] squid/squidguard transparent proxy but not server (iptable rules)

Mark Clayton clayton256 at gmail.com
Wed Sep 26 09:16:30 CDT 2012


I run squid/squidguard on my Ubuntu server. I usually use the
following iptables rule so that localhost httpd traffic is directed to
squid:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

I wanted to temporarily change that so that localhost traffic is not
redirected. In my notes I have the rule to do that as:
iptables -t nat -A PREROUTING -i eth0 -p tcp -d ! 10.0.1.0/24 --dport 80 -j REDIRECT --to-port 3128
The difference being "-d ! 10.0.1.0/24". But this gives the error:
Bad argument `10.0.1.0/24'

Any idea what I'm doing wrong?

I'm doing this because I have a server issue that I'm trying to
understand. I run avahi along with squid/squidguard on my Ubuntu
server with clients using Bonjour. It seems squid bypasses
nsswitch.conf or resolv but I'm trying to confirm it's not my iptables
rules. Without the rules applied, the LAN clients can resolve .local.
addresses, but once I apply my rules the clients, whether or not they
use the Ubuntu server as the proxy, cannot resolve the addresses. Very
frustrating because I don't want to have to remember IP numbers when
it's hard enough to remember client names!

Thanks,
Mark Clayton
--
claytoncapers.blogspot.com
www.mark-clayton.com
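
Added example, not part of the original post: current iptables releases accept negation only in front of the option (`! -d ADDR`), not between the option and its value (`-d ! ADDR`), which is the form that produces the "Bad argument" error quoted above. The helper name `normalize_negation` is hypothetical; the script only prints the rewritten rule and does not touch the firewall.

```shell
#!/bin/sh
# Rewrite intrapositioned negation ("-d ! ADDR") into the extrapositioned
# form ("! -d ADDR"). Arguments are the words of an iptables command line.
# Assumption: a "!" that directly follows an option word (one starting
# with "-") is meant to negate that option.
normalize_negation() {
    out=""
    prev=""
    for arg in "$@"; do
        if [ "$arg" = "!" ] && [ "${prev#-}" != "$prev" ]; then
            # Previous word was an option: emit "! option" instead.
            out="$out ! $prev"
            prev=""
        else
            if [ -n "$prev" ]; then
                out="$out $prev"
            fi
            prev="$arg"
        fi
    done
    if [ -n "$prev" ]; then
        out="$out $prev"
    fi
    printf '%s\n' "${out# }"
}

# The rule from the post, word for word ("!" quoted for the shell).
normalize_negation iptables -t nat -A PREROUTING -i eth0 -p tcp \
    -d '!' 10.0.1.0/24 --dport 80 -j REDIRECT --to-port 3128

# Notes for applying the printed rule (as root):
#  * -A appends. If the unconditional REDIRECT rule is still in the
#    chain it matches first, so remove it with the same arguments and
#    -D in place of -A before adding the negated rule.
#  * "iptables -t nat -S PREROUTING" lists the chain in rule order so
#    the result can be checked.
```
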



