[tproxy] TProxy version 4.0.0 released
Cameron Schaus
cam at schaus.ca
Wed Aug 15 07:22:07 CEST 2007
Balazs Scheidler wrote:
>Can you confirm that skb->sk is set in tcp_v4_rcv() by the time the
>packet gets there?
>
>
When a bridge is used, the packets never arrive in tcp_v4_rcv. The
packets make it through the ip_divert_local function, initially by
creating the dst entry (the bottom logic of the function), and
subsequently by looking up the cached entry. But they never arrive at
tcp_v4_rcv.
When I "short circut" the bridge by using an ebtables entry, I see the
packets going through tcp_v4_rcv.
Is there a mismatch with the bridge device and the "in" device used in
pre-routing that prevents the packet from being dispatched to the ip
protocol handler? Any other ideas?
>You could also get some information by adding a "LOG" rule in
>filter/INPUT, as that chain is iterated only if the packet successfully
>got to the input side of the IP stack.
>
>
No packets are logged when I add the LOG rule as you suggest, likely
because they are not making it into the stack (tcp_v4_rcv).
Any other ideas on where to look are appreciated. I'll try and trace
the packet through the bridge code, but the bridge code is fairly
simple, and doesn't do much to the packet before it re-injects it for
local delivery.
Cam
More information about the tproxy
mailing list