Then I think that I'm missing something somewhere because patch seems to be OK but, if I try: iptables -t tproxy -A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 --on-ip 0.0.0.0 The following error raises: iptables v1.3.5: Unknown arg `--on-port' Try `iptables -h' or 'iptables --help' for more information.
This is a userspace problem. Besides patching the kernel, you also need to patch iptables. You need libipt_TPROXY.so (/usr/lib/iptables, /lib/iptables, depending on distro) on your system for -j TPROXY to work.
If I try: iptables -t tproxy -A PREROUTING The following error raises: FATAL: Module ip_tables not found.
"You are severely screwed". It seems like netfilter is not in your kernel at all.
iptables v1.3.5: can't initialize iptables table `tproxy': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded.
(Or perhaps one needs to be root.) Jan Engelhardt --