Hello, I forgot to set address family in libxt_tproxy.c (match), but libxt_TPROXY.c (target) works well. Patch is attached. You should use the target as: iptables -t tproxy -A PREROUTING -p tcp <other options> -j TPROXY <other parameters> or iptables -t tproxy -A PREROUTING -p udp <other options> -j TPROXY <other parameters> and iptables -A INPUT -m tproxy -j ACCEPT TPROXY target should be used only in the tproxy table's PREROUTING chain and tproxy match should be used in filter table's INPUT chain. Also you shouldn't write ... -m tproxy ... -j TPROXY Lachlan Bowes írta:
Have any of you seen this before?
I followed instructions in README, but to no avail.
Apologies if this is obvious but I am from a FreeBSD background, linux is not my normal OS so environment is foreign to me.
Regards, Lachlan
root@syd-log01:/root/tproxy-4.0.1-2.6.22# uname -a Linux syd-log01 2.6.22.3 #1 SMP Tue Aug 28 21:54:20 EST 2007 i686 GNU/Linux root@syd-log01:/root/tproxy-4.0.1-2.6.22#
root@syd-log01:/root/tproxy-4.0.1-2.6.22# iptables -t tproxy -A PREROUTING -j TPROXY --on-port 3128 iptables v1.3.8: Unknown arg `--on-port' Try `iptables -h' or 'iptables --help' for more information. root@syd-log01:/root/tproxy-4.0.1-2.6.22# iptables -t tproxy -A PREROUTING -j TPROXY iptables v1.3.8: Couldn't load target `TPROXY':/usr/local/lib/iptables/libipt_TPROXY.so: cannot open shared object file: No such file or directory
Try `iptables -h' or 'iptables --help' for more information. root@syd-log01:/root/tproxy-4.0.1-2.6.22# lsmod | grep iptable iptable_filter 3104 0 iptable_tproxy 6468 0 ip_tables 12420 2 iptable_filter,iptable_tproxy root@syd-log01:/root/tproxy-4.0.1-2.6.22#
-- Panther