Ming-Ching Tiew wrote:
Laszlo Attila Toth wrote:
I will forward port of the kernel patches to 2.6.25 and 2.6.26 and test when I'll have time for it. But first I have to eliminate a problem related to the tproxy that it doesn't work if the interface is in bridge mode (br0, etc). This issue occurs on each versions of tproxy4 (4.0 and 4.1). The 4.0 branch is used internally in our product but my assumption is that when I fix the 4.0, I can find a solution for 4.1, too. Now I have no idea why it goes wrong with a bridge: TPROXY target (and iptables/netfilter) doesn't receive any packets.
I did mentioned about this long long time ago. If you search through the older posts, I did mentioned a "workaround" for it. Unless now you are working on a fix in the kernel.
Basically, I use ebtables to redirect the traffic to enter and leave via the physical interface instead of the (virtual) bridge interface.
Hm, I forgot it, thanks. I remembered as when I tried it with TProxy, 4.1, it didn't work. Perhaps I used wrong version of ebtables userspace. In this case it is only a 4.1 problem. -- Panther