Hi Kovacs/Attila, I have successfully applied your patches tproxy4-2.6.22_20070622.tar.bz2 on linux-2.6.22 and got all the modules compiled. Also iptables-1.4.0rc1 is applied with the patch iptables-tproxy-200710091749.diff. But I get error while adding the following rule: [root@Arun-FC6-SQUID linux-tproxy4-RnD]# iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark iptables v1.4.0rc1: Unknown arg `--tproxy-mark' Try `iptables -h' or 'iptables --help' for more information. [root@Arun-FC6-SQUID linux-tproxy4-RnD]# iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 3128 iptables: Invalid argument Am I missing anything? TIA. Regards, Arun S. On 23/10/2007, Arun S <hi2arun@gmail.com> wrote:
Hi,
Thank you. I will get this downloaded and try to tweak Squid to work for the latest tproxy4 changes.
Will let you know the changes in Squid once I manage to get Squid compiled for tproxy4.
On 22/10/2007, Tóth László Attila <panther@elte.hu> wrote:
Hello,
On 2007.10.22., at 18:51, Arun S wrote:
Hi Attila / Krisztian,
Could you please tell me which version of linux kernel shall I use to try the latest tproxy4 changes and from where shall I get the latest tproxy4 patches?
2.6.23 should be ok with both version: at www.balabit.com and at http://people.netfilter.org/hidden/tproxy/ The first one is tested for 2.6.22 only.
How can it enabled in squid: I don't know the source code but it requires no secial code with TProxy4 except set the IP_TRANSPARENT socket option for lisening socket. It is a new option: #define IP_TRANSPARENT 19
HTH, Attila
-- Regards, Arun S.
-- Regards, Arun S.