tproxy

Download

tproxy@lists.balabit.hu

October 2011

3 participants
2 discussions

Apache TProxy; proxy: error binding to socket
by Dariush Zahedmanesh 15 Oct '11

15 Oct '11

Hello All I want to use apache-2.2.14 web server as a transparent proxy in ip layer on freebsd-7.0. I configured it with following scenario: Client1 Apache TProxy Configured web server 172.20.13.43 ---------------- [em0:172.20.13.196, 192.168.100.101:em1] --------------------192.168.100.102 My httpd.conf on Tproxy is: .... Listen 4129 <VirtualHost 172.20.13.196:4129> ServerName 172.20.13.196 ProxyRequests off ProxyTProxy On ProxyPass / http://192.168.100.102/ ProxyPassReverse / http://192.168.100.102/ ProxyPreserveHost On </VirtualHost> I used ipnat for trrafic redirection by following configuration. /etc/ipnat.conf: rdr em0 192.168.100.102/32 port 80 -> 172.20.13.196 port 4129 tcp when i request http://192.168.100.102 on web client1, i recieve following error on web browser: Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. My apache error log is: [Sat Oct 15 11:59:45 2011] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //192.168.100.102/ [Sat Oct 15 11:59:45 2011] [debug] proxy_util.c(1494): [client 172.20.13.43] proxy: http: found worker http://192.168.100.102/ for http://192.168.100.102/ [Sat Oct 15 11:59:45 2011] [debug] mod_proxy.c(993): Running scheme http handler (attempt 0) [Sat Oct 15 11:59:45 2011] [debug] mod_proxy_http.c(1940): proxy: HTTP: serving URL http://192.168.100.102/ [Sat Oct 15 11:59:45 2011] [debug] proxy_util.c(1999): proxy: HTTP: has acquired connection for (192.168.100.102) [Sat Oct 15 11:59:45 2011] [debug] proxy_util.c(2055): proxy: connecting http://192.168.100.102/ to 192.168.100.102:80 [Sat Oct 15 11:59:45 2011] [debug] proxy_util.c(2153): proxy: connected / to 192.168.100.102:80 [Sat Oct 15 11:59:45 2011] [error] (22)Invalid argument: proxy: *error binding *to socket 172.20.13.43:4536 [Sat Oct 15 11:59:45 2011] [debug] proxy_util.c(2017): proxy: HTTP: has released connection for (192.168.100.102) How i can fix it? Any help would be great. -- Best regards Dariush Zahedmanesh

1 0

TPROXY for a UDP listener
by Ramin Dousti 13 Oct '11

13 Oct '11

Hi, I have a linux router that would receive UDP packets through a GRE tunnel that is not destined for the router itself. I'm hosting a UDP listener that is supposed to intercept these UDP packets and reply to them accordingly. What I'm seeing is that the UDP replies (sent by this intercepting process) are being source by the real IP address of the linux box itself and of course the remote end just drops these replies since they do not conform to the src/dst IP and port of the originating socket. So basically my UDP listener does get the UDP requests but the replies have an incorrect src/port. I followed this documet:for the setup: http://www.mjmwired.net/kernel/Documentation/networking/tproxy.txt Can someone help please? -- Ramin

2 1