<div class="gmail_extra">Hi -<br><br>What proxy do u use? Is IP_TRANSPARENT enabled on the socket that you listening on?<br><br>R,<br>Arun <br><br><div class="gmail_quote">On 18 April 2012 22:48, WG <span dir="ltr"><<a href="mailto:tproxy@wim.email.be" target="_blank">tproxy@wim.email.be</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
The strange thing is that, if I type all those commands, as soon as I<br>
type the last one I can't connect to the server running on port 3128<br>
remotely anymore, not even on the direct IP.<br>
<br>
I'm running Linux kernel 3.3.2 (previously tried with 2.6.34).<br>
<br>
Any suggestions most welcome...<br>
<br>
Kind regards,<br>
<br>
Wim<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
KOVACS Krisztian wrote:<br>
> Hi,<br>
><br>
> On 04/10/2012 03:32 PM, WG wrote:<br>
>> I'm trying to redirect all IPv6 traffic entering eth0 on port 80 to a<br>
>> locally running proxy server.<br>
>> But for some reason, the remote client gets only a connection timeout. I<br>
>> do see traffic entering eth0 to port 80, but nothing happens.<br>
>><br>
>> This is what I did :<br>
>> ip -f inet6 rule add fwmark 1 lookup 100<br>
>> ip -f inet6 route add local ::/0 dev lo table 100<br>
>> ip6tables -t mangle -N DIVERT<br>
>> ip6tables -t mangle -A PREROUTING -p tcpo -m socket -j DIVERT<br>
>> ip6tables -t mangle -A DIVERT -j MARK --set-xmark 0x1/0xffffffff<br>
>> ip6tables -t mangle -A DIVERT -j ACCEPT<br>
>> ip6tables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY<br>
>> --tproxy-mark 0x1/0x1 --on-port 3128<br>
>><br>
>> Any ideas why it doesn't actually connect to port 3128 ? I tried using<br>
>> --on-ip as well, but no difference.<br>
><br>
> Your rules look OK -- have you tried running netstat -s and see which<br>
> counters are increasing? Or maybe using the Netfilter TRACE target to<br>
> trace your packets through your iptables rules.<br>
><br>
> Also, you didn't state which version of the kernel you're trying to use.<br>
><br>
> Cheers,<br>
> Krisztian<br>
><br>
> .<br>
><br>
_______________________________________________<br>
tproxy mailing list<br>
<a href="mailto:tproxy@lists.balabit.hu">tproxy@lists.balabit.hu</a><br>
<a href="https://lists.balabit.hu/mailman/listinfo/tproxy" target="_blank">https://lists.balabit.hu/mailman/listinfo/tproxy</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Regards,<br>Arun S.<br>
</div>