Hi people,

 

My network daemon program can’t receive any packet from iptables’s REDIRECT after patching cttproxy-2.6.12-2.0.2.tar.gz.

Of course, I checked it out that REDIRECT worked before patching in the same-kernel.

 

(So, I tried it in Fedora kernel(2.6.12-1.1376_FC3). It was worse. The system was halting without any message.)

 

<<My system configuration>>

Linux-kernel version : 2.6.12 original (no warning, no error when patching)

Gcc version           : gcc (GCC) 3.4.4 20050721 (Red Hat 3.4.4-2)

Modules :

Module                    Size  Used by

ipt_REDIRECT              2688  1

ipt_physdev               2832  1

iptable_filter                3584  0

iptable_tproxy             19780  0

iptable_nat                27976  3 ipt_REDIRECT,iptable_tproxy

ip_conntrack              44040  2 iptable_tproxy,iptable_nat

ipt_TPROXY               2688  0

ip_tables                  24448  6 ipt_REDIRECT,ipt_physdev,iptable_filter,iptable_tproxy,iptable_nat,ipt_TPROXY

video                      16388  0

 

Device Network state : Bridge

bridge name     bridge id               STP enabled     interfaces

br0             8000.00d06809c827       no              eth3

                                                         eth1

 

IP table Rule : (iptables -m physdev -t nat -A PREROUTING --physdev-in eth1 -d A.B.C.D -p tcp --dport 80 -j REDIRECT --to-port 2101)

Chain PREROUTING (policy ACCEPT)

target     prot   opt  source               destination

REDIRECT   tcp  --  anywhere         A.B.C.D        PHYSDEV match --physdev-in eth1 tcp dpt:http redir ports 2101

 

CPU info: 2 x Intel(R) Xeon(TM) CPU 3.00GHz (Hiper-Threading : On)

 

netstat info: (telnet A.B.C.D 80)

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address               Foreign Address             State     

tcp        0      0 192.168.0.107:2101          192.168.0.101:1147          SYN_RECV

 

Thanks, in advance.