[tproxy] TPROXY + Cisco Firewall
Laszlo Attila Toth
panther at balabit.hu
Thu Aug 16 09:20:45 CEST 2007
Hello,
You use an old version of TProxy. Is there any reason for that? TProxy4
is stable, there is an iptables patch for svn version r7008 - which is
partially ported to xtables by Jan. Check TProxy 4.0.1 for these patches.
Jojy Varghese írta:
> Hi
> I thought some more info might be helpful for someone following
> this thread. In my code, when I call "setsockopt" to set the
> TPROXY_ASSIGN and TPROXY_FLAGS options, I get an error. Please see the
> code below. Any ideas why this might be? Also, if I set the local
> address port to 0 or the foreign address port to 0, how does that
> matter? IN other words, how important is the port assignment?
>
> thanks in advance
> Jojy
>
> ##### Code Begins #########################
> struct in_tproxy itp;
> struct sockaddr_in sin;
>
> itp.op = TPROXY_VERSION;
> itp.v.version = 0x02000000;
> if(setsockopt(handle,SOL_IP,IP_TPROXY,&itp,sizeof(itp)) == -1 )
> {
> __log(LOG_ERROR, L"Error Setting version");
> }
>
> sin.sin_family=AF_INET;
> inet_aton("192.168.1.74", &sin.sin_addr);
> sin.sin_port=htons(9999);
>
> if(bind(handle, (struct sockaddr*)&sin, sizeof(sin)) == -1)
> {
> __log(LOG_ERROR, L"Error Binding");
> }
>
> itp.op = TPROXY_ASSIGN;
> inet_aton("192.168.1.75", (struct in_addr *)&itp.v.addr.faddr);
> itp.v.addr.fport=htons(2000);
>
> if(setsockopt(handle,SOL_IP,IP_TPROXY,&itp,sizeof(itp)) == -1 )
> {
> __log(LOG_ERROR, L"Error Setting Assign Option ");
> }
> itp.op = TPROXY_FLAGS;
> itp.v.flags = ITP_CONNECT;
>
> if(setsockopt(handle,SOL_IP,IP_TPROXY,&itp,sizeof(itp)) == -1 )
> {
> __log(LOG_ERROR, L"Error Setting Flags Option ");
> }
>
> // Code to connect follows
>
> ### Code ends ####
>
>
>
>
--
Panther
More information about the tproxy
mailing list