Hello,

Mohamed Badri wrote:
Hi,
I'm running Linux 2.6.22, Iptables 1.3.8, with Tproxy 4.0.3 patches.
I've added the following rules in iptables:
iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j TPROXY --on-port 50080
iptables -t tproxy -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j TPROXY --on-port 50080
but nothing happens; connections to port 80 are not redirected to local port 50080.
Did you use the IP_FREEBIND socket option in your program on the listening socket? Without it, the tproxy only works if you load iptable_tproxy with the tproxy_any=1 module parameter:
modprobe iptable_tproxy tproxy_any=1
Can I use the NETMAP target in the nat table while using tproxy?
I'm not sure, probably not. The tproxy table is before nat. Also, if the TPROXY target changes the local route (the packet is diverted), then the NETMAP may change this; also, the packets may not arrive at the listening socket.

--
Panther