[tproxy] tproxy development version 1.1.1

KOVACS Krisztian hidden@balabit.hu
Fri, 10 Oct 2003 10:04:54 +0200


   The first version from the development branch (1.1) of tproxy has been 
released. This version has substantially reworked connection tracking 
entry deletion, and comes with an experimental patch to the Netfilter NAT 
and connection tracking code to make reusing of addresses used by 
TIME_WAIT connections possible.

   The contents of the patch_tree subdirectory:

   * 01-tproxy-1.1.1.diff - the transparent proxying patch, you should 
apply at least this one.

   * 02-nat_conntrack_delete.diff - experimental patch for Netfilter NAT, 
use if you get a lot of "error applying NAT mapping" errors, and please 
report experiences to the mailing list.

   The userspace-kernel interface is unchanged, so it is compatible with 
the stable versions. The patch is for Linux 2.4.22, and because of 
submitted changes in Netfilter NAT and conntrack code, may not work with 
later kernels.

   Although it has passed basic tests and appears to be working, it is 
still experimental, so use with care. Testing on heavily loaded and/or SMP 
boxes would be appreciated, just send bugreports to the tproxy mailing 
list. (We are interested in all kinds of problems, not just oopses: 
strange looking error/warning messages in your kernel logs, etc.)

   The package is available from


   MD5 checksum of cttproxy-2.4.22-1.1.1.tar.gz:

     Krisztian KOVACS