[tproxy] Both session stealing and src spoofing.(Proxy-Firewall)
Yoshioka Tsuneo
tsuneo.yoshioka@f-secure.com
Thu, 19 Jun 2003 23:04:47 +0900
Hello Bazsi
Thank you very much for your quick advice.
> If I understand correctly what you mean here, it is not currently possible
> as the tuple of the connection must be unique.
> The tuple includes source address, source port, destination address,
> destination port. The incoming connection and the connection on the
> server side have the same tuples. Do you really need to also fake the source
> port towards the server?
>
> In our experience, choosing a different port dynamically towards the server
> causes no problems.
At the moment, there is no need to keep the source port address of the client.
So I tried to set "itp.itp_fport=0".
And it works without any problem!
Thank you.
P.S.
I hope that the tproxy kernel patch will be merged into the Linux 2.5 (and 2.6) kernel.
I would be happy if you and Linus have such a plan. :-)
--
Yoshioka Tsuneo
E-MAIL: Tsuneo.Yoshioka@f-secure.com