From: "Henrik Nordstrom" <henrik@henriknordstrom.net>
>
>> I lost you, what do you mean by bridge-netfilter integration. Any URL ?
>
> It's a kernel option.
Did you mean
CONFIG_BRIDGE_NETFILTER=y
and all these :-
#
CONFIG_BRIDGE_NF_EBTABLES=m
CONFIG_BRIDGE_EBT_BROUTE=m
CONFIG_BRIDGE_EBT_T_FILTER=m
CONFIG_BRIDGE_EBT_T_NAT=m
CONFIG_BRIDGE_EBT_802_3=m
CONFIG_BRIDGE_EBT_AMONG=m
CONFIG_BRIDGE_EBT_ARP=m
CONFIG_BRIDGE_EBT_IP=m
CONFIG_BRIDGE_EBT_LIMIT=m
CONFIG_BRIDGE_EBT_MARK=m
CONFIG_BRIDGE_EBT_PKTTYPE=m
CONFIG_BRIDGE_EBT_STP=m
CONFIG_BRIDGE_EBT_VLAN=m
CONFIG_BRIDGE_EBT_ARPREPLY=m
CONFIG_BRIDGE_EBT_DNAT=m
CONFIG_BRIDGE_EBT_MARK_T=m
CONFIG_BRIDGE_EBT_REDIRECT=m
CONFIG_BRIDGE_EBT_SNAT=m
CONFIG_BRIDGE_EBT_LOG=m
CONFIG_BRIDGE_EBT_ULOG=m
I have plenty of those inside many kernel and modules. How do I use it
instead of TPROXY ?
>> Hmmm interesting. I do not have this rule in my system and I am
>> able to surf the NET via the bridge/squid ( if I set up proper routing ).
>
> It will work fine until you use TPROXY to have Squid fake the source IP
> on the requests it sends..
As far as I can tell my system is already faking the source IP. But I might
be
wrong. :-)
Do you mean it is a result of some of the kernel CONFIGs which I had instead
of TPROXY module ?
Regards.
Received on Mon Jul 09 2007 - 19:32:55 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:03 MDT