[tproxy] Bad Interaction between NAT and TPROXY

Tim Burress hokousha2001@yahoo.com
Sat, 28 Aug 2004 14:19:25 -0700 (PDT)

Hi Krisztian,

--- KOVACS Krisztian <hidden@balabit.hu> wrote:
>   Thanks for the detailed problem report... This
> seems to be a quite
> tough problem, and a very curious interaction
> between different parts of
> Netfilter. At the moment I do not have any better
> ideas than checking
> IPS_TPROXY, but I hope that the problem can be
> investigated in more
> detail on the Netfilter workshop.

Just FYI, we did try checking IPS_TPROXY at the point
where do_extra_mangle() is called, but it seems like,
at that point, the flag has not yet been set in the
conntrack record, so it didn't work out.

Thanks for your reply and anything you can come up
with at the workshop!


Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.