Is the project still alive?
Hello, Is the project maintained now? I see that last patches are for kernel 2.6.25 while the last version of the kernel is 4.3.2 I am looking for the way to make a really transparent TCP proxy: in particular, if TCP connection is being established by the client (TCP SYN was sent), I don't want the proxy to answer with TCP SYN+ACK but I want it to send client's TCP SYN package to the remote server and wait for it to answer. And then answer to the client with the server's packet. Can this goal be achieved with the help of tproxy of are you aware of any other solution which can help me? Thanks in advance! -- WBR & WBW, Vitaly
On Mon, Dec 14, 2015 at 12:16:02PM +0200, Vitaly Repin wrote:
I am looking for the way to make a really transparent TCP proxy: in particular, if TCP connection is being established by the client (TCP SYN was sent), I don't want the proxy to answer with TCP SYN+ACK but I want it to send client's TCP SYN package to the remote server and wait for it to answer. And then answer to the client with the server's packet.
Can this goal be achieved with the help of tproxy of are you aware of any other solution which can help me?
I hacked something like this up a while ago: http://oss.sgi.com/archives/netdev/2002-11/msg00271.html This particular patch was kind of dodgy, and I dropped working on it because there wasn't a whole lot of interest in it, but maybe this is a useful starting point.
Tproxy is maintained as part of the kernel now (as of 2.6.28 I think), so it's built into newer kernels (compile time option) without the need of a patch. I am not aware of a way to avoid answering on the client side until server side established. -----Original Message----- From: tproxy-bounces@lists.balabit.hu [mailto:tproxy-bounces@lists.balabit.hu] On Behalf Of Vitaly Repin Sent: Monday, December 14, 2015 5:16 AM To: tproxy@lists.balabit.hu Subject: [tproxy] Is the project still alive? Hello, Is the project maintained now? I see that last patches are for kernel 2.6.25 while the last version of the kernel is 4.3.2 I am looking for the way to make a really transparent TCP proxy: in particular, if TCP connection is being established by the client (TCP SYN was sent), I don't want the proxy to answer with TCP SYN+ACK but I want it to send client's TCP SYN package to the remote server and wait for it to answer. And then answer to the client with the server's packet. Can this goal be achieved with the help of tproxy of are you aware of any other solution which can help me? Thanks in advance! -- WBR & WBW, Vitaly _______________________________________________ tproxy mailing list tproxy@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/tproxy
participants (3)
-
John Lauro
-
Lennert Buytenhek
-
Vitaly Repin