Hi, On p, aug 10, 2007 at 01:23:39 +0200, Jan Engelhardt wrote:
(Seriously, what is xt_TPROXY good for?)
The TPROXY and the REDIRECT target used to be quite similar before tproxy v4: both did a simple DNAT to the given address, and TPROXY had magic added to 'mark' packets as tproxy-ed plus some hack to save the original destination address. (Saving the destination address was necessary because we DNAT-ting.) In v4 TPROXY has nothing to do with REDIRECT: in fact it doesn't need NAT at all. Instead, it just assigns the destination socket matching the "redirection address" to the packet, and the TCP and UDP socket lookup code is hacked to use this associated socket instead of doing a (re)lookup with the proper data. Sounds horrible, doesn't it? ;) -- KOVACS Krisztian