Hi,

Jean-pierre Cartal wrote:

To give you more information, my test box has 2 ethernet interfaces and I want to use eth1 for transparent proxying. The IP address on this interface is 192.168.3.1, the eth0 interface address is 172.20.3.15.

I first create a socket to listen for incoming requests normally targeted to 192.168.2.1, which are sent to my TP host using a linux router. This part is working fine and I'm able to receive all packets.

The IP address for the outgoing packets is set to the source address of the incoming packet I just received on the listening socket. I create a local socket, bind it to a random local port, use the IP_TPROXY_ASSIGN socket option to assign the IP address and source port, the latter being different from the one in the original packet as I want all responses from the originally targeted server to arrive on a single port. I then call the IP_TPROXY_FLAGS socket option using the ITP_CONNECT flag. Finally, I connect this socket with the original remote machine (same IP and same port as in the incoming packet).

Oh, one possible problem: you _have_to_ connect() the socket to the original remote end _before_ setting the tproxy flags.

--
Regards,
Krisztian KOVACS