It seems that i have some performance problems: - On kernel 2.6.15 , even without the TPROXY patches i get lousy performance , it seems that this is a well known bug with E1000 drivers , so i can't use this kernel - On kernel 2.6.10 + tproxy 2.0.1 , i got nice results without the tproxy patch, but when i added the tproxy - i got lousy performance - On kernel 2.6.14.7 + tproxy 2.0.3 , i got great results without the tproxy patch (4500 trans/sec) , but when i added the tproxy - it was 3 times slower (1500 trans/sec) with many "failed to create a socket" errors
Try these https://lists.balabit.hu/pipermail/tproxy/2006-July/000273.html
CONFIG_NETFILTER=y CONFIG_IP_NF_CONNTRACK=y CONFIG_IP_NF_TPROXY=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_NAT=y CONFIG_IP_NF_NAT_NEEDED=y
do i need all these settings to get the "foreign-connect" or can i skip some and gain better results ?
You can try enabling/disabling "NAT reservations". Jan Engelhardt --