[tproxy] tproxy in newer 2.6 kernels

Jan Engelhardt jengelh at linux01.gwdg.de
Tue Jul 11 11:41:14 CEST 2006

>REDIRECT functionality does work upstream, but TCP source address
>spoofing can only be achieved with iptables SNAT.

SNAT in -t nat -A OUTPUT does not seem to work AFAICR, so you need at least 
two boxes to implement the SNAT, right?

Jan Engelhardt

More information about the tproxy mailing list