Tproxy changes for performing dual NAT
Hi Bazsi, Thank you for a nice work that provides real transparency to both web users and web servers. :) I am using cttproxy v2.0.6 on linux kernel v2.6.18.1 along with Squid v2.6. Cttproxy is used to provide transparency to both web server and client and also to cache web requests. Sometimes it is required to SNAT HTTP traffic that is not possible with Cttproxy-v2.0.6; since double NAT is not possible. Here is a patch attached to solve that issue. This patch helps to perform SNAT in POSTROUTING chain of TPROXY table as well as in POSTROUTING chain of NAT table. Can you please validate this patch let me know your concerns. -- Regards, Arun S.
Hi Bazsi, The patch was not included with the previous mail. Please find the patch in text format. On 10/10/2007, Arun S <hi2arun@gmail.com> wrote:
Hi Bazsi,
Thank you for a nice work that provides real transparency to both web users and web servers.
:)
I am using cttproxy v2.0.6 on linux kernel v2.6.18.1 along with Squid v2.6.
Cttproxy is used to provide transparency to both web server and client and also to cache web requests.
Sometimes it is required to SNAT HTTP traffic that is not possible with Cttproxy-v2.0.6; since double NAT is not possible.
Here is a patch attached to solve that issue.
This patch helps to perform SNAT in POSTROUTING chain of TPROXY table as well as in POSTROUTING chain of NAT table.
Can you please validate this patch let me know your concerns.
-- Regards, Arun S.
-- Regards, Arun S.
Arun, For use with squid 2.6, what is the main difference between cttproxy2 and tproxy4? Still trying to find my feet getting tproxy4 to provide real transparency with squid. Any pointer will help Sonny. -----Original Message----- From: tproxy-bounces@lists.balabit.hu [mailto:tproxy-bounces@lists.balabit.hu] On Behalf Of Arun S Sent: Wednesday, October 10, 2007 12:08 PM To: Tproxy Subject: Re: [tproxy] Tproxy changes for performing dual NAT Hi Bazsi, The patch was not included with the previous mail. Please find the patch in text format. On 10/10/2007, Arun S <hi2arun@gmail.com> wrote:
Hi Bazsi,
Thank you for a nice work that provides real transparency to both web users and web servers.
:)
I am using cttproxy v2.0.6 on linux kernel v2.6.18.1 along with Squid v2.6.
Cttproxy is used to provide transparency to both web server and client and also to cache web requests.
Sometimes it is required to SNAT HTTP traffic that is not possible with Cttproxy-v2.0.6; since double NAT is not possible.
Here is a patch attached to solve that issue.
This patch helps to perform SNAT in POSTROUTING chain of TPROXY table as well as in POSTROUTING chain of NAT table.
Can you please validate this patch let me know your concerns.
-- Regards, Arun S.
-- Regards, Arun S.
Hello, thanks for your patch. But in favour of TProxy4 the older versions (included cttproxy2) are now obsolated and unmaintained. The current version is waiting for kernel acceptance. Also you should maintain this new patch for cctproxy2. On 2007.10.10., at 8:33, Arun S wrote:
Hi Bazsi,
Thank you for a nice work that provides real transparency to both web users and web servers.
:)
I am using cttproxy v2.0.6 on linux kernel v2.6.18.1 along with Squid v2.6.
Cttproxy is used to provide transparency to both web server and client and also to cache web requests.
Sometimes it is required to SNAT HTTP traffic that is not possible with Cttproxy-v2.0.6; since double NAT is not possible.
Here is a patch attached to solve that issue.
This patch helps to perform SNAT in POSTROUTING chain of TPROXY table as well as in POSTROUTING chain of NAT table.
Can you please validate this patch let me know your concerns.
Regards, Attila
Hi Panther, Thank you! Where shall I maintain this patch for cttproxy2? On 15/10/2007, Tóth László Attila <panther@balabit.hu> wrote:
Hello,
thanks for your patch. But in favour of TProxy4 the older versions (included cttproxy2) are now obsolated and unmaintained. The current version is waiting for kernel acceptance. Also you should maintain this new patch for cctproxy2.
On 2007.10.10., at 8:33, Arun S wrote:
Hi Bazsi,
Thank you for a nice work that provides real transparency to both web users and web servers.
:)
I am using cttproxy v2.0.6 on linux kernel v2.6.18.1 along with Squid v2.6.
Cttproxy is used to provide transparency to both web server and client and also to cache web requests.
Sometimes it is required to SNAT HTTP traffic that is not possible with Cttproxy-v2.0.6; since double NAT is not possible.
Here is a patch attached to solve that issue.
This patch helps to perform SNAT in POSTROUTING chain of TPROXY table as well as in POSTROUTING chain of NAT table.
Can you please validate this patch let me know your concerns.
Regards, Attila
-- Regards, Arun S.
participants (3)
-
Arun S
-
Sunday A. Idajili [ITClick Lagos]
-
Tóth László Attila