Hi,

On Mon, 2009-11-23 at 15:51 +0900, 박제호 wrote:
I have a problem in my transparent proxy test. I recently made up the testbed as below to run the tproxy-patched Apache proxy [mod_proxy], and I applied all iptables and routing rules with reference to the README files [http://www.balabit.com/downloads/files/tproxy/README.txt, http://www.mjmwired.net/kernel/Documentation/networking/tproxy.txt]. The proxy server is listening on port 3128 and I checked there was no problem. But when the client tried to connect to the web server, the packets reached the box and I found the usage counts of the filter rules in the mangle table increased, but my tproxy server could not receive any corresponding packet from the socket.

I want to know why my proxy server can't receive any packet through the socket. Do I need some more DNAT rules?
Would you mind testing the setup with an unpatched upstream kernel, that has tproxy built-in? (2.6.31, for example)

Also, please download the latest iptables from netfilter.org and try using that. (No need for patching, tproxy support is in upstream.)

That would help a lot in identifying the source of the issue.

Thanks in advance.

Cheers,
Krisztian