[tproxy] Stunnel 4 on linux 2.6.22

Mike Mattice mike.mattice at gmail.com
Fri Sep 14 22:15:01 CEST 2007


This strace shows my (albeit hacked up) work attempting to get stunnel
to play with tproxy support.

strace obviously doesn't know how to interpret the IP_FREEBIND passed
to setsockopt, but other than that, it's not throwing an error there.
Stunnel uses the EINPROGRESS error as a signal to attempt the next IP
in the list (if it has one), so it just ends up resetting a perfectly
good connection every time.

We're using tproxy 4.0.2-2.6.22.

Do we _have_ to patch iptables and set up the tproxy stuff there in
order to do the tproxy freebind stuff?

Thanks...


779   socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 8
779   fcntl64(8, F_GETFL)               = 0x2 (flags O_RDWR)
779   fcntl64(8, F_SETFL, O_RDWR|O_NONBLOCK) = 0
779   setsockopt(8, SOL_IP, 0xf /* IP_??? */, [1], 4) = 0
779   bind(8, {sa_family=AF_INET, sin_port=htons(60413), sin_addr=inet_addr("172.16.200.249")}, 16) = 0
779   connect(8, {sa_family=AF_INET, sin_port=htons(514), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EINPROGRESS (Operation now in progress)
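
Added example, not part of the original post and not stunnel's code: the usual way to complete a non-blocking connect() that returns EINPROGRESS, as in the trace above, is to wait for the socket to become writable and then read SO_ERROR for the real outcome. The names connect_nonblocking and loopback_listener are hypothetical, and the loopback listener is a constructed target so the code runs offline.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Returns 0 once the TCP handshake has completed, otherwise the errno that
 * explains the failure. EINPROGRESS from connect() is not a failure here. */
int connect_nonblocking(const struct sockaddr_in *dst, int timeout_ms)
{
    int err = 0;
    socklen_t len = sizeof(err);
    int fd = socket(PF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return errno;
    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
    if (connect(fd, (const struct sockaddr *)dst, sizeof(*dst)) < 0) {
        if (errno != EINPROGRESS) {
            err = errno;                     /* immediate, genuine failure */
        } else {
            struct pollfd p = { .fd = fd, .events = POLLOUT };
            int n = poll(&p, 1, timeout_ms); /* writable: handshake is over */
            if (n == 0)
                err = ETIMEDOUT;
            else if (n < 0)
                err = errno;
            else if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
                err = errno;                 /* otherwise err is the outcome */
        }
    }
    close(fd);
    return err;
}

/* Constructed test target: a loopback listener on an ephemeral port. */
int loopback_listener(struct sockaddr_in *addr)
{
    socklen_t len = sizeof(*addr);
    int fd = socket(PF_INET, SOCK_STREAM, 0);
    *addr = (struct sockaddr_in){ .sin_family = AF_INET };
    addr->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (fd >= 0 && bind(fd, (struct sockaddr *)addr, len) == 0 &&
        listen(fd, 1) == 0 && getsockname(fd, (struct sockaddr *)addr, &len) == 0)
        return fd;
    if (fd >= 0)
        close(fd);
    return -1;
}
```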

