[tproxy] libipt_TPROXY.so not compiled

Laszlo Attila Toth panther at balabit.hu
Tue Aug 28 10:32:06 CEST 2007 

Hello,

I forgot to set address family in libxt_tproxy.c (match), but
libxt_TPROXY.c (target) works well.
Patch is attached.

You should use the target as:

iptables -t tproxy -A PREROUTING -p tcp <other options> -j TPROXY <other
parameters>
or
iptables -t tproxy -A PREROUTING -p udp <other options> -j TPROXY <other
parameters>

and
iptables -A INPUT -m tproxy -j ACCEPT

TPROXY target should  be used only in the tproxy table's PREROUTING
chain and tproxy match should be used in filter table's INPUT chain.
Also you shouldn't write  ... -m tproxy ... -j TPROXY



Lachlan Bowes írta:
> Have any of you seen this before?
>
> I followed instructions in README, but to no avail.
>
> Apologies if this is obvious but I am from a FreeBSD background, linux
> is not my normal OS so environment is foreign to me.
>
> Regards,
>     Lachlan
>
> root at syd-log01:/root/tproxy-4.0.1-2.6.22# uname -a
> Linux syd-log01 2.6.22.3 #1 SMP Tue Aug 28 21:54:20 EST 2007 i686 GNU/Linux
> root at syd-log01:/root/tproxy-4.0.1-2.6.22#
>
>
> root at syd-log01:/root/tproxy-4.0.1-2.6.22# iptables -t tproxy -A
> PREROUTING -j TPROXY --on-port 3128
> iptables v1.3.8: Unknown arg `--on-port'
> Try `iptables -h' or 'iptables --help' for more information.
> root at syd-log01:/root/tproxy-4.0.1-2.6.22# iptables -t tproxy -A
> PREROUTING -j TPROXY
> iptables v1.3.8: Couldn't load target
> `TPROXY':/usr/local/lib/iptables/libipt_TPROXY.so: cannot open shared
> object file: No such file or directory
>
> Try `iptables -h' or 'iptables --help' for more information.
> root at syd-log01:/root/tproxy-4.0.1-2.6.22# lsmod  | grep iptable
> iptable_filter          3104  0
> iptable_tproxy          6468  0
> ip_tables              12420  2 iptable_filter,iptable_tproxy
> root at syd-log01:/root/tproxy-4.0.1-2.6.22#
>   

--
Panther
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libxt_tproxy.diff
Type: text/x-patch
Size: 800 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/tproxy/attachments/20070828/952d29a9/attachment.bin

More information about the tproxy mailing list