Hi,
After more than six months, a new stable version of TProxy has been
released today. In the last few months a couple of problems were found
in TProxy 1.2.0, some of them requiring substantial changes to the code.
This is why the test version 1.2.0.1 was released earlier this month.
After doing some testing, we think that it is ready for production use.
The most important changes in the new release:
* introduction of shared sockrefs for mark-only entries, this
fixes the "clashing entries" problem which occured in special
cases of operation
* new method for maintaining the per-sockref related connections
list, now connections are added only at confirmation-time
* fix order of registration of hooks and the 'tproxy' table, when
the iptable_tproxy module was loaded on high traffic sites, it
could oops
None of these changes cause binary incompatibility, the userspace
interface is completely the same as that of 1.2.0. Tarballs for Linux
version 2.4.25 and 2.4.26 are available on our website:
http://www.balabit.com/downloads/tproxy/linux-2.4/
MD5 checksums of the files:
ea9cf2c2efe77f658f512d71e3ffc481 cttproxy-2.4.25-1.2.1.tar.gz
d8977620a1903c04d2f297a90fcf3709 cttproxy-2.4.26-1.2.1.tar.gz
--
Regards,
Krisztian KOVACS
Hi,
A new version of the development branch of TProxy has been released.
The most important new internal feature is the introduction of shared
sockrefs, and of course quite a few smaller fixes are included as well.
This version has been prepared for Linux 2.4.25 and Linux 2.6.6, both
with Jozsef Kadlecsik's TCP-window-tracking patch applied. (It's
availble in the Netfilter project's Patch-o-Matic-NG.) Without this
patch, 04-nat_delete won't apply at all, and all the other patches may
cause (trivial) rejects when patching.
The release is available on our site, and will shortly be available in
the CVS version Patch-o-Matic-NG:
http://www.balabit.com/downloads/tproxy/linux-2.4/devel/
MD5: 577224ea8c0a6f3ee191509ba77f6fd7 cttproxy-2.4.25-1.9.6.tar.gz
MD5: 6e4993720a3eaaecdf1fe42bf6e8f147 cttproxy-2.6.6-1.9.6.tar.gz
--
Regards,
Krisztian KOVACS
Hi,
Almost six months has passed since the release of TProxy 1.2.0, and a
couple of problems were found in that release. Unfortunately, some of
those problems could not be fixed trivially, so that before releasing a
stable 1.2.1 version, extensive testing would be needed. This test
version is an up-to-date snapshot of the current code, with all known
important problems fixed:
* introduction of shared sockrefs for mark-only entries, this fixes the
"clashing entries" problem which occured in special cases of operation
* new method for maintaining the per-sockref related connections list,
now connections are added only at confirmation-time
* fix order of registration of hooks and the 'tproxy' table, when the
iptable_tproxy module was loaded on high traffic sites, it could oops
Testing would be highly appreciated, especially since some of these
changes are not lightweight at all, and I can't be sure that they don't
break anything.
This release is available on our website:
http://www.balabit.com/downloads/tproxy/linux-2.4/test/
MD5 checksum of cttproxy-2.4.25-1.2.0.1.tar.gz:
a5c27546299e7e6f3911994d78ceae37
--
Regards,
Krisztian KOVACS