Hi Krisztian :o)
Ok, do you have any DNAT/MASQUERADE rules in your iptables config? Or what kind of NAT rules do you use?
None!
Another shortcoming of the NAT-based operation of tproxy is the following: you have to make sure that you do not reuse the _local_ address before the conntrack entry of the previous connection from that address times out. So, if you make a lot of connections from the same IP, and the local autobind port range is not enough for you, you'll have to use additional local IP addresses as well. (Note that these do not need to be routable IP addresses.)
I'm aware of this -- the examples I've put together (see below) are taken immediately after booting the kernel, and problems occur well before the local TCP port range is exhausted.
_This_ is strange... Could you send me a tcpdump capture of that traffic and the matching tproxy debug output?
Will do, in a separate post.
I've put together a fine collection of logs and tcpdumps from a 20s run of my test programs. They show the problem occurring six times and the tar file is 2.2M. Is there somewhere I can e-mail/FTP this to, for you to see? Cheers, Jim
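The constraint described earlier in the thread (a local address must not be reused before the conntrack entry of the previous connection from it has timed out, and extra local IPs are the way to grow the endpoint space) can be modelled by a small allocator. The following is an added, constructed example, not code from the thread or from tproxy: it hands out local (ip, port) endpoints, quarantines each released endpoint for an assumed conntrack timeout, and fails loudly when the pool is exhausted. The class, function names and the sizing rule of thumb are all assumptions for illustration.

```python
"""Conntrack-aware local endpoint allocator (constructed example).

Models the NAT-based tproxy constraint: a local (ip, port) pair that was
just used for a proxied connection must not be handed out again until the
old conntrack entry has expired, otherwise the new connection can match
the stale entry.  The timeout value and all names here are assumptions.
"""
import math
from collections import deque


class ConntrackAwarePool:
    def __init__(self, local_ips, port_range, conntrack_timeout):
        lo, hi = port_range
        self.timeout = conntrack_timeout
        # Free endpoints in FIFO order so reuse is spread across the range.
        self.free = deque((ip, port) for ip in local_ips
                          for port in range(lo, hi + 1))
        self.in_use = set()
        # Released endpoint -> earliest time it may be reused.
        self.quarantine = {}

    def _expire(self, now):
        # Move endpoints whose conntrack entry has timed out back to free.
        ready = [ep for ep, until in self.quarantine.items() if now >= until]
        for ep in ready:
            del self.quarantine[ep]
            self.free.append(ep)

    def acquire(self, now):
        """Return a local endpoint safe to use at time `now`."""
        self._expire(now)
        if not self.free:
            raise RuntimeError(
                f"no local endpoint free at t={now}: {len(self.in_use)} in use, "
                f"{len(self.quarantine)} waiting for conntrack timeout; "
                "add local IP addresses (need not be routable) or widen the port range")
        ep = self.free.popleft()
        self.in_use.add(ep)
        return ep

    def release(self, ep, now):
        """Mark the endpoint released; it stays quarantined for one timeout."""
        self.in_use.remove(ep)
        self.quarantine[ep] = now + self.timeout

    def capacity(self):
        return len(self.free) + len(self.in_use) + len(self.quarantine)


def required_endpoints(conn_rate, mean_lifetime, conntrack_timeout):
    """Rough sizing (assumed rule of thumb, Little's law): each endpoint is
    occupied for the connection lifetime plus the conntrack timeout, so the
    pool must hold at least rate * (lifetime + timeout) endpoints."""
    return math.ceil(conn_rate * (mean_lifetime + conntrack_timeout))


if __name__ == "__main__":
    # One local IP, two ports, 60 s assumed conntrack timeout.
    pool = ConntrackAwarePool(["127.0.0.2"], (40000, 40001), 60)
    a = pool.acquire(now=0)
    b = pool.acquire(now=0)
    pool.release(a, now=1)
    try:
        pool.acquire(now=2)          # too early: `a` still quarantined
    except RuntimeError as exc:
        print("exhausted:", exc)
    print("reused after timeout:", pool.acquire(now=61) == a)
    print("endpoints for 100 conn/s, 1 s lifetime, 120 s timeout:",
          required_endpoints(100, 1.0, 120))
```

The allocator makes the failure mode visible as an explicit exception rather than a silently mismatched conntrack entry; in the exhausted case the remedy is the one the thread names, more local IP addresses, which simply enlarges the `local_ips` list.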