Thanks for the response. Here's my problem:

I'm running foreign-tcp-connect on a machine (say 1.2.3.4) to fake a source address (say 5.6.7.8 port 9999) when connecting to a web server. I get a connect timeout. At the webserver, when I do a tcpdump, it seems that only the port is being faked, not the IP address. That is, the tcpdump output shows that I'm trying to connect from 1.2.3.4 port 9999. If I use 5.6.7.8 as the fake IP address, it works.

Has anyone experienced this problem? What am I missing?

My setup: Linux kernel 2.6.15.3 (pristine) patched with tproxy-2.6.15-2.0.4

Many thanks,
N

On 4/6/06, Jan Engelhardt <jengelh@linux01.gwdg.de> wrote:
Q: Is patching the iptables userspace necessary if I just want to fool around with the example programs, say foreign-tcp-connect?
No, only if you want to modify the kernel ip tables. (Which is not required if you only want to fake addresses.)
Jan Engelhardt --