Hi Baszi, first of all thanks for your fast reply. I spent the last days compiling different versions of zorp gpl to make sure to "configure" with "--with-tproxy=netfilter". The stable release was the only version I could get running 'till now...
If you see sysdep_tproxy=1 or linux22 then Zorp did not detect your tproxy correctly, maybe you don't have the autobind interface configured correctly. Zorp also reminds you about this, with a logmessage like "Error autobinding socket..."
I've got "sysdep_tproxy=1" indeed. The system runs a tproxy-patched 2.6.10 kernel (uml), my python is 2.3.3. Are there any known tproxy detection problems on such a setup?
If you post the startup logs (by running /usr/lib/zorp/zorp -v8 -l -T) I might help you identify other problems as well.
This is from a freshly installed stable release with the example policy file (without the "python future warnings"): ------------------------------------------- root@tproxy:#> /usr/local/lib/zorp/zorp -v8 -l -T Zorp-INFO: core.debug(0): (noname/nosession): Verbosity level: 8 Zorp-INFO: core.debug(6): (noname/nosession): System dependant init; sysdep_tproxy='1' Zorp-INFO: core.debug(7): (noname/nosession): Start to listen; fd='5' Zorp-INFO: core.debug(6): (conntrack/thread): thread starting; Zorp-INFO: core.info(5): zorp version 2.0.9 starting up Zorp-INFO: core.debug(5): (noname/nosession): Zone(site-net): outbound service=intra_http Zorp-INFO: core.debug(5): (noname/nosession): Zone(site-net): outbound service=intra_ftp Zorp-INFO: core.debug(5): (noname/nosession): Zone(site-net): outbound service=intra_cvs Zorp-INFO: core.debug(5): (noname/nosession): Zone(local): inbound service=* Zorp-INFO: core.debug(5): (noname/nosession): Zone(internet): inbound service=* Zorp-INFO: core.error(0): (noname/nosession): Instance definition not found in policy; instance='zorp' Traceback (most recent call last): File "/usr/local/share/zorp/pylib/Zorp/Zorp.py", line 175, in init func() UnboundLocalError: local variable 'func' referenced before assignment Zorp-INFO: core.error(0): (noname/nosession): Error initializing policy; Zorp-INFO: core.error(0): (noname/nosession): Error loading initial policy, exiting; Zorp-INFO: core.info(5): zorp version 2.0.9 going down. Zorp-INFO: core.debug(6): (conntrack/thread): thread exiting; root@tproxy:#> ------------------------------------------- Till