tproxy on bridge interface
Hello. On Wed Nov 14 22:35:19 CET 2007 Cameron Schaus wrote: "I have done some previous investigation around using tproxy4 code on a bridge interface. I found that the bridge code clobbers the dst route entry added by tproxy4 during prerouting, and that packets processed by tproxy destined for the localhost need to be marked with a packet type of PACKET_HOST otherwise they are dropped higher up the stack. I don't have a patch right now, but I can get you a diff of the bridge code changes needed to make this work if you are interested. The changes are fairly minor. Cam" I would like to get an assistance in one of the following ways: 1. If exist, to get the patch for the "the bridge code changes". 2. Diff between original source code and modified one. 3. More guidance for code area(s) that need to be modified. Thanks in advance, Michael Gaisinsky <Mike@PineApp.Com>
Hi, On Thu, Nov 22, 2007 at 10:48:47AM +0200, Michael Gaisinsky wrote:
On Wed Nov 14 22:35:19 CET 2007 Cameron Schaus wrote: "I have done some previous investigation around using tproxy4 code on a bridge interface. I found that the bridge code clobbers the dst route entry added by tproxy4 during prerouting, and that packets processed by tproxy destined for the localhost need to be marked with a packet type of PACKET_HOST otherwise they are dropped higher up the stack.
I don't have a patch right now, but I can get you a diff of the bridge code changes needed to make this work if you are interested. The changes are fairly minor.
Cam"
I would like to get an assistance in one of the following ways: 1. If exist, to get the patch for the "the bridge code changes". 2. Diff between original source code and modified one. 3. More guidance for code area(s) that need to be modified.
I think you're not the only one interested in these changes. Cam, could you post your patch implementing the necessary changes to make bridged tproxy work? -- KOVACS Krisztian
KOVACS Krisztian wrote:
I think you're not the only one interested in these changes.
Cam, could you post your patch implementing the necessary changes to make bridged tproxy work?
Sure. I'll post them soon. I have to find the code I wrote. I wasn't able to use tproxy4 due to some other issues I wasn't able to solve, so I'm not sure where the code went. Cam
participants (3)
-
Cameron Schaus
-
KOVACS Krisztian
-
Michael Gaisinsky