Dear Everyone,
I have tried the tproxy, following the offical guild, but it seems
that it not work on a bridge.
My Network is like this: Client -> eth0 -> br0 -> eth1 -> WebServer
The linux box using kernel 2.6.26, with
tproxy4-2.6.26-200809262032.tar.bz2, and
# dmesg|grep -i tproxy
NF_TPROXY: Transparent proxy support initialized, version 4.1.0
NF_TPROXY: Copyright (c) 2006-2007 BalaBit IT Ltd.
Squid(3.1.0.3, configure with --enable-linux-netfilter) is running on:
http_port 3128 tproxy
and iptables(1.4.0 with tproxy-
iptables-1.4.0-20080521-113954-1211362794.patch) rule:
-A PREROUTING -p tcp -m socket -j DIVERT
-A DIVERT -j MARK --set-mark 0x1
-A DIVERT -j ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 --
tproxy-mark 0x1/0x1
and ip rule and route:
ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100
I have tried to find the reason for many days, but no one is work.
Any advice or information is appreciated. Thank you.
-- BenjaminReceived on Wed Jan 14 2009 - 10:09:24 MST
This archive was generated by hypermail 2.2.0 : Fri Jan 16 2009 - 12:00:03 MST