10 Aug
2007
10 Aug
'07
12:59 p.m.
On Friday 10 August 2007 13.23.39 Jan Engelhardt wrote:
On Aug 10 2007 13:21, Ondrej Kraus wrote:
Hello,
great, proxy works now - but just in normal transparent fashion.
...which is equivalent to having used REDIRECT instead of TPROXY. (Seriously, what is xt_TPROXY good for?)
No, not at all. If you use REDIRECT, you must add at least one rule per listening port to accept connections but with the TProxy patch one rule is enough in the INPUT chain. The TRPOXY target marks the packet and the tproxy match accepts marked packets no matter what the original and the new destination port is. It can be simoultaneously used with the MARK target of the mangle table. -- Regards, Laszlo Attila Toth