On Tue, 2005-02-22 at 13:35 +0100, Tillmann Werner wrote:
Hi,
I am new to this list and zorp as well. I am just playing around with zorp in a user mode linux environment and need some help with iptables configuration.
There is one http zorp proxy configured right now. The system and zorp are running fine, but I get some loops when trying to connect to a web server through the zorp machine.
I need to redirect connections coming in on my internal interface on, say, port 80/tcp to zorp (i.e. port 50080/tcp) and tproxy them to servers in the internet, reachable via an external interface. Redirection works, tproxying as well, but iptables seems to redirect the connection established by zorp back to the proxy.
Is there any configuration example or documentation for such a setup? I know the tutorial on the zorp gpl web page, but could not get any help for my problems out of it, maybe because of lack of detailed iptables knowledge.
I currently have no access to my configuration, but I can post details later, if needed.

I think Zorp has not correctly detected your transparent proxying implementation, thus does not detect the actual transparent destination of your client, uses the listener address instead (e.g. the address the IP stack "thinks" your destination was), and then reconnects itself.

You should check the output of your "System dependant init" log message at Zorp startup, where you should see "sysdep_tproxy=2" or sysdep_tproxy=tproxy12, depending on your Zorp version. (3.0.3 or later reports the latter one; earlier Zorp versions reported it numerically.)

If you see sysdep_tproxy=1 or linux22 then Zorp did not detect your tproxy correctly; maybe you don't have the autobind interface configured correctly. Zorp also reminds you about this, with a log message like "Error autobinding socket..."

If you post the startup logs (by running /usr/lib/zorp/zorp -v8 -l -T) I might help you identify other problems as well.

-- Bazsi
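
The check described in the reply above, as an added shell example that is not part of the original messages or of Zorp itself. The function name check_tproxy and the layout of the sample log lines are assumptions made for illustration; only the sysdep_tproxy= values and the autobind error text come from the reply.

```shell
#!/bin/sh
# Classify a Zorp startup log by the sysdep_tproxy value it reports.
# Reads the log on stdin and prints a single verdict word.
check_tproxy() {
    log=$(cat)
    # Value after the first "sysdep_tproxy=" token; optional quotes are skipped.
    val=$(printf '%s\n' "$log" |
        sed -n "s/.*sysdep_tproxy=['\"]*\([A-Za-z0-9]*\).*/\1/p" | head -n 1)
    # The reply says Zorp also logs this when autobinding fails.
    autobind=no
    if printf '%s\n' "$log" | grep -q 'Error autobinding socket'; then
        autobind=yes
    fi
    case "$val" in
        2|tproxy12) verdict=detected ;;          # tproxy found
        1|linux22)  verdict=not-detected ;;      # fell back, loops are likely
        '')         verdict=no-sysdep-line ;;    # log level too low or wrong file
        *)          verdict="unknown:$val" ;;    # value not named in the reply
    esac
    if [ "$autobind" = yes ]; then
        verdict="$verdict+autobind-error"
    fi
    printf '%s\n' "$verdict"
}

# Constructed sample lines (assumed layout, not real Zorp output).
SAMPLE_OK="zorp[101]: System dependant init; sysdep_tproxy='tproxy12'"
SAMPLE_BAD="zorp[102]: Error autobinding socket
zorp[102]: System dependant init; sysdep_tproxy='1'"

printf '%s\n' "$SAMPLE_OK" | check_tproxy
printf '%s\n' "$SAMPLE_BAD" | check_tproxy
```

To run it against a real startup, pipe the output of the command from the reply into the function: /usr/lib/zorp/zorp -v8 -l -T 2>&1 | check_tproxy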