[tproxy] tproxy 4.0 & zorp 3.0.8
Ondrej Kraus
krauso at explorer.cz
Fri Aug 10 13:21:01 CEST 2007
Hello,
great, proxy works now - but just in normal transparent fashion. Ip
addres of outgoing connection is firewall IP.
Thanks
Ondrej
Laszlo Attila Toth napsal(a):
> On Thursday 09 August 2007 16.48.13 Ondrej Kraus wrote:
>
>> thanks for your quick reply. After compiling with 2.6.17 kernel it works
>> better, but still have problems :).
>>
>> Zorp gets the connection, but connection is immediately closed (reset by
>> peer) after sending anything. Zorp then timeoutes after 10s.
>>
>
> Hello,
>
> By default if you use the TPROXY target to redirect packages to another port,
> the program, that is listening on the other port, should use IP_FREEBIND
> socket option because without it the packages don't reach the program. If a
> program doesn't use this option because it is older such as Zorp 3.0.8 or
> compiled by someone else such as netcat, IP_FREEBIND cannot be used also a
> module parameter is the solution: to set tproxy_any to 1.
>
> Also try to load iptable_tproxy with tproxy_any=1. It should work.
>
>
More information about the tproxy
mailing list