Hello, Bryan Liang wrote:
< No, it doesn't work without an IP address because tproxy2 uses nat rules < which require an IP address on the bridge interface too. < < If another host connects to a proxy application, the proxy gets the < incoming packets but it has to respond with others. The latter packets < cannot be routed without that IP address.
< - < Panther
Thanks Panther. Are there any plans to let TPROXY work in this request?
As I mentioned above: it won't work, because the outgoing packets (from a proxy application) must be routed before reaching the real network. I don't know another solution. Also the
Because in some environment, IP address can not be assigned on the bridge. If we need to put the linux box at the front of internet gateway, there will be no IP address assigned.
But it may have one. AFAIK the only reasonable environment for a bridge without IP address is where the linux box is used for traffic spoofing (especially intrusion detections). This is not necessary for transparent proxying. -- Panther