I've patched my kernel (debian 2.4.20 pkg) with your latest tproxy patch. and have inserted your iptable_tproxy module iptable_tproxy 9760 0 (unused) iptable_nat 15800 0 [iptable_tproxy] ip_tables 11896 4 [iptable_tproxy iptable_nat] ip_conntrack 19016 1 [iptable_tproxy iptable_nat] I'm now trying to get my stunnel wrapped imapd to report remote ip addresses in the log file. stunnel with the -T switch is supposed to try to listen on a foreign IP address - but i still see May 30 03:14:18 strange imapd[1207]: login: strange[127.0.0.1] bwlang plaintext in my mail.log instead of the 192.168.0.5 that i should see. Do all have any suggestion for making this work or debugging the problem? I think I do not have to set up any sort of iptables rule - is that correct? thanks! brad
On Fri, May 30, 2003 at 03:15:24AM -0400, Brad Langhorst wrote:
I've patched my kernel (debian 2.4.20 pkg) with your latest tproxy patch. and have inserted your iptable_tproxy module
iptable_tproxy 9760 0 (unused) iptable_nat 15800 0 [iptable_tproxy] ip_tables 11896 4 [iptable_tproxy iptable_nat] ip_conntrack 19016 1 [iptable_tproxy iptable_nat]
I'm now trying to get my stunnel wrapped imapd to report remote ip addresses in the log file.
stunnel with the -T switch is supposed to try to listen on a foreign IP address - but i still see May 30 03:14:18 strange imapd[1207]: login: strange[127.0.0.1] bwlang plaintext in my mail.log instead of the 192.168.0.5 that i should see.
Do all have any suggestion for making this work or debugging the problem? I think I do not have to set up any sort of iptables rule - is that correct?
You will need a patch for that to stunnel to support the TPROXY API. And even in this case I don't know whether netfilter is able to SNAT towards the loopback interface. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
participants (2)
-
Balazs Scheidler
-
Brad Langhorst