[tproxy] Patching iptables

Nguyen Nguyen n3nguyen at gmail.com
Thu Apr 6 19:46:47 CEST 2006


Thanks for the response.

Here's my problem:
I'm running foreign-tcp-connect on a machine (say 1.2.3.4) to fake a source
address (say 5.6.7.8 port 9999) when connecting to a web server.  I get a
connect timeout.

At the webserver, when I do a tcpdump, it seems that only the port is being
faked, not the IP address.  That is, the tcpdump output shows that I'm
trying to connect from 1.2.3.4 port 9999.

If I use 5.6.7.8 as the fake IP address, it works.  Has anyone experienced
this problem?  What am I missing?

My setup:
Linux kernel 2.6.15.3 (pristine) patched with tproxy-2.6.15-2.0.4

Many thanks,
N



On 4/6/06, Jan Engelhardt <jengelh at linux01.gwdg.de> wrote:
>
>
> >Q:  Is patching the iptables userspace necessary if I just want to fool
> >around with the example programs, say foreign-tcp-connect?
> >
> No, only if you want to modify the kernel ip tables.
> (Which is not required if you only want to fake addresses.)
>
>
> Jan Engelhardt
> --
>