[tproxy] tproxy won't request whit the source ip
HADI UTOMO
h4di_utomo at yahoo.com
Fri Aug 1 10:22:56 CEST 2008
hi. i'm make a bridge whit open suse 10.2 and get tproxy patched on the box. all step has finished,and no error... at the squid acceess.log i see the request traffict from client ip, but why on the web server log or on the router the request for the web is came from the bridge ip not the original ip ( client ). I have net.ipv4. & ip_nonlocal_bind = 1 my squid get compiled whit --enable-linux-tproxy. when i tcpdump on the ethetnet that shown a request / search the dns / ip of the destination server but, the squid did not request the web.and the client get error message ( 22 )
here is my network diagram :
Client ( 10.0.0.0/24 ) < -- > | eth0 = Bridge = eth1 | <--> router (10.0.0.254) <--> web srvr
|
tproxy + squid 2.6 stable 21
here the script :
ifconfig eth0 down
ifconfig eth1 down
ifconfig eth0 0.0.0.0 up
ifconfig eth1 0.0.0.0 up
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth1
ifconfig br0 10.0.0.250 up
route add default gw 10.0.0.254
brctl stp off
btctl setfd br0 off
ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT
iptables -t tproxy -A PREROUTING -i br0 -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20080801/5323c40a/attachment.htm
More information about the tproxy
mailing list