[tproxy] Issue configuring 2.6.20 kernel with tproxy 2.0.6
Pranav Desai
pranavadesai at gmail.com
Wed Mar 14 18:55:45 CET 2007
On 3/14/07, Jan Engelhardt <jengelh at linux01.gwdg.de> wrote:
>
> On Mar 14 2007 11:22, KOVACS Krisztian wrote:
> >
> >On Tuesday 13 March 2007 21:01, Pranav Desai wrote:
> >> I am trying to patch the 2.6.20 kernel with the patches in
> >> cttproxy-2.6.20-2.0.6.tar.gz. But it doesnt show up in 'make
> >> menuconfig'.
> >
> > Could you send your .config to me (in private)? There quite a few
> >Netfilter changes in recent 2.6 kernels. I suspect it has something to do
> >with either using nf_conntrack instead of ip_conntrack, not enabling
> >x_tables, or something like this. I can say more based on your .config.
>
> It _is_ the change from ip to nf. (From "Layer3-dependent tracking" to
> "Layer3-independent tracking" as it was called in 2.6.18)
>
I found the solution.
In the 2.6.20 kernel there is an option to enable transparent proxy
using the layer 3 dependent option ...
networking -> networking options -> packet filtering framework -> core
netfilter -> netfilter connection tracking support
pick the OBSOLETE (layer 3 dependent option)
Then you will get the transparent proxy options enabled in the IP
netfilter section.
Not sure if using something OBSOLETE has any other implication ...
-- Pranav
> Yeah, you need to patch nf_conntrack_expect instead of ip_conntrack (for
> NF_NAT_RES), etc. I already tried changing but got stuck right away.
>
>
> Jan
> --
> _______________________________________________
> tproxy mailing list
> tproxy at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/tproxy
>
--
------------------------------
http://pd.dnsalias.org
More information about the tproxy
mailing list