[tproxy] Patching iptables
n3nguyen at gmail.com
Thu Apr 6 22:52:54 CEST 2006
It turns out that the port isn't being faked either.
I'm only able to connect if I set the foreign IP address equal to the local
IP address and the foreign port equal to the local port.
A tcpdump at the client shows that the IP headers aren't being modified.
It's as if tproxy is creating entries in the hash table (TPROXY_ASSIGN and
the subsequent call to setsockopt() is successful), but isn't overwriting
the approriate fields in the IP headers.
On 4/6/06, Nguyen Nguyen <n3nguyen at gmail.com > wrote:
> Thanks for the response.
> Here's my problem:
> I'm running foreign-tcp-connect on a machine (say 22.214.171.124) to fake a
> source address (say 126.96.36.199 port 9999) when connecting to a web server.
> I get a connect timeout.
> At the webserver, when I do a tcpdump, it seems that only the port is
> being faked, not the IP address. That is, the tcpdump output shows that I'm
> trying to connect from 188.8.131.52 port 9999.
> If I use 184.108.40.206 as the fake IP address, it works. Has anyone experienced
> this problem? What am I missing?
> My setup:
> Linux kernel 220.127.116.11 (pristine) patched with tproxy-2.6.15-2.0.4
> Many thanks,
> On 4/6/06, Jan Engelhardt <jengelh at linux01.gwdg.de > wrote:
> > >Q: Is patching the iptables userspace necessary if I just want to fool
> > >around with the example programs, say foreign-tcp-connect?
> > >
> > No, only if you want to modify the kernel ip tables.
> > (Which is not required if you only want to fake addresses.)
> > Jan Engelhardt
> > --
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tproxy