[tproxy] tproxy4, kernel 2.6.22 and squid-2.6.stable13

Ming-Ching Tiew mingching.tiew at redtone.com
Mon Nov 26 07:36:20 CET 2007


From: "Ming-Ching Tiew" <mingching.tiew at redtone.com>
>
> Sorry to contradict my ownself. It seems my testing was not quite
> conclusive.
> I will report again as soon as I have conclusion. Please ignore my
previous
> posts.
>

OK this is my observation after modifying squid-2.6.STABLE.13 to use
IP_FREEBIND  :-

1. Transparent tproxy is working without NAT.

2. When SNAT is done in the nat table POSTROUTING chain, packets
    goes out and comes back using public IP ( tcpdump confirms it )
    however, squid don't seem to be able to get the return packet.

    In the tproxy2 case, the packet goes out using spoofed private IP and
    hence unable to route back but there is a patch created by
    Arun which fixes this problem.

    In the case of tproxy4 using IP_FREEBIND, I wonder if there is
    someone who can work on an equivalent patch.

Regards.




--------------------------------------------
Important Warning! 

*************************** 

This electronic communication (including any attached files) may contain confidential and/or legally privileged information and is only intended for the use of the person to whom it is addressed. If you are not the intended recipient, you do not have permission to read, use, disseminate, distribute, copy or retain any part of this communication or its attachments in any form. If this e-mail was sent to you by mistake, please take the time to notify the sender so that they can identify the problem and avoid any more mistakes in sending e-mail to you. The unauthorised use of information contained in this communication or its attachments may result in legal action against any person who uses it.



More information about the tproxy mailing list