Hello everyone and Balazs Scheidler,

I have one problem. I recently set up the testbed below to run the tproxy patched apache proxy, and I applied all the iptables and routing rules after reading the readme file [http://www.balabit.com/downloads/files/tproxy/README.txt]. But when the client tried to connect to the web server, the packets reached the box but my tproxy server could not receive any corresponding packets from the clients.

I want to know why my proxy server can't receive any packets. Do I need some DNAT rules?

testbed:

[client] <---------> [tproxy patched apache mod_proxy] <--------> [web server]
                     ---------------------------------
                                 proxybox

[proxybox]
1. OS: linux 2.6.31.6 vanilla kernel
2. iptables: 1.4.5, not tproxy patched
3. proxy: tproxy patched [please refer to the httpd-2.2.9-tproxy.patch] APACHE 2.2.9
4. iptables and routing rules

   iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 3128 --tproxy-mark 0x1/0x1
   ip rule add fwmark 1 lookup 100
   ip route add local 0.0.0.0/0 dev lo table 100
   iptables -t mangle -N DIVERT
   iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
   iptables -t mangle -A DIVERT -j MARK --set-xmark 0x1/0xffffffff
   iptables -t mangle -A DIVERT -j ACCEPT