[tproxy] [PATCH] Tproxy 2.0.0 patch for 2.6.9
KOVACS Krisztian
hidden@balabit.hu
Thu, 02 Dec 2004 11:42:04 +0100
Hi,
2004-12-02, cs keltezéssel 11:29-kor Igmar Palsenberg ezt írta:
> Is there any official patch for tproxy 2.0.x for 2.6.9 ? I've merged
> basically everything, but someone who is more familiar with the whole
> stuff needs to have a look at it.
>
> My version is at http://www.jdimedia.nl/igmar/tproxy-2.0.0-2.6.9.patch
>
> Can someone have a look at this ?
Seems OK, except for one thing: in ip_tproxy_setup_nat_unidir() we'll
probably need setting the new nfctinfo field of the skb structure as
well. Something like this:
- 8< -
/* free the original conntrack entry, and assign the fake one */
nf_conntrack_put(skb->nfct);
skb->nfct = &ip_tproxy_fake_ct.ct_general;
skb->nfctinfo = IP_CT_NEW;
nf_conntrack_get(skb->nfct);
skb->nfcache = NFC_ALTERED;
- 8< -
Note that I've not tested this version at all, so this is all theory.
I'll prepare an "official" version of the patch as soon as I have time
for some testing.
--
Regards,
Krisztian KOVACS