[tproxy] tproxy won't request with the source ip

HADI UTOMO h4di_utomo at yahoo.com
Fri Aug 1 10:22:56 CEST 2008


Hi. I made a bridge with openSUSE 10.2 and got tproxy patched on the box. All steps have finished with no errors... In the squid access.log I see the request traffic from the client IP, but why, in the web server log or on the router, does the request for the web come from the bridge IP and not the original IP (client)? I have net.ipv4. & ip_nonlocal_bind = 1. My squid was compiled with --enable-linux-tproxy. When I tcpdump on the ethernet, it shows a request / search for the DNS / IP of the destination server, but squid did not request the web, and the client gets error message (22).
Here is my network diagram:


Client ( 10.0.0.0/24 ) < -- >  | eth0 = Bridge = eth1 | <--> router (10.0.0.254)  <--> web srvr
                                                      |
                                     tproxy + squid 2.6 stable 21

Here is the script:

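# Take both interfaces down and bring them back up without IP addresses
ifconfig eth0 down
ifconfig eth1 down
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up

# Build the bridge from the two interfaces
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1

# The bridge itself carries the box's IP address
ifconfig br0 10.0.0.250 up
route add default gw 10.0.0.254

# Disable spanning tree and the forwarding delay on br0
brctl stp br0 off
brctl setfd br0 0


# Hand bridged TCP port 80 frames to the IP stack, then divert them to squid on port 3128
ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT
iptables -t tproxy -A PREROUTING -i br0 -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128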




      