[tproxy] [stunnel patch] transparent proxy on linux 2.6 using cttproxy patch

Jan Engelhardt jengelh at linux01.gwdg.de
Mon Aug 22 16:00:11 CEST 2005

>the patch is higly incomplete, but it works (see TODO). 

If it works it must be complete. Compare with my squid3 patch.

>if you want to try this patch, you MUST modify the hardcoded IP address
>in client.c to the IP address of the stunnel server (look for DOIT! in
>the source code). any improvements wellcome.

@Kovacs, this looks like the same issue with squid's tcp_outgoing_address 
which can't be

>the application server must believe that it has to route all packets of
>transparently tunneled connections via the stunnel server. thus the two
>server should be on the same subnet.

Not needed. For proxying to work, just have someone to ARP-respond and 

The patch is not in unified style and looks a bit more complex than I think it 
could be.

Jan Engelhardt
| Alphagate Systems, http://alphagate.hopto.org/

More information about the tproxy mailing list