[tproxy] Clarification on tproxy4 usage
Ming-Ching Tiew
mingching.tiew at redtone.com
Wed Aug 27 16:20:51 CEST 2008
Arun Srinivasan wrote:
> Scenario 2:
> Now am gonna add a SNAT rule on UML 2 to SNAT traffic out through eth1
> with src IP 100.100.200.2
> Say,
> iptables -t nat -A POSTROUTING -o eth2 -p tcp --dport 80 -j SNAT --to
> 100.100.200.2
>
> In this case, the traffic is not hitting the rule that is added.
>
> However, if I remove tproxy related configuration from the UML and
> Squid, the traffic hits the rule like a charm.
>
>
Firstly,
I supposed this just a typo, eth2 is supposed to be eth1 ?
iptables -t nat -A POSTROUTING -o eth2 -p tcp --dport 80 -j SNAT --to
100.100.200.2
Secondly,
I would like to make some suggestion to the testing.
Perhaps you could just keep your existing rules but kill squid, and
issue the http requests from UML2 and do some sniffing on eth1.
This is a simplified test, yet it represents how squid would perform
http request on behalf of the client. This test will verify if there
is any problem with iptables or routing. By right you should see that
the SNAT rule is traversed.
Cheers
More information about the tproxy
mailing list