[tproxy] tproxy 4.1.0 in bridge mode
Ming-Ching Tiew
mingching.tiew at redtone.com
Wed Jul 9 03:32:34 CEST 2008
sameer khan wrote:
>> for reply, i read the command if i m not mistaken written by
>> yourself
>> INSIDE_DEV=eth0
>> OUTSIDE_DEV=eth1
>> ebtables -t broute -A BROUTING -i $INSIDE_DEV -p ipv4 \
>> --ip-protocol tcp --ip-destination-port 80 \
>> -j redirect --redirect-target DROP
>> ebtables -t broute -A BROUTING -i $OUTSIDE_DEV -p ipv4 \
>> --ip-protocol tcp --ip-source-port 80 \
>> -j redirect --redirect-target DROP
Sometime ago I did launched a kernel bug report about these command
can cause kernel to panic, due to some "regression" introduced between
kernel 2.6.23-2.6.24, but it was fixed already - sometime ago.
By the way, there is no such kernel release version 2.6.24.19, the highest
number is 2.6.24.7 - which I think is a safe choice. Funny where do you
get your kernel from ?
Also "tproxy" patch might be the one which causes the panic when working
under bridge. As I mentioned, it's best you do some work to isolate the
problem. Just conduct some experiments, with and without tproxy patch,
then you would know who is the culprit. Kernel core dump will also give
you additional information.
Ming-Ching
More information about the tproxy
mailing list