[tproxy] tproxy 4.1.0 in bridge mode

Ming-Ching Tiew mingching.tiew at redtone.com
Wed Jul 9 03:32:34 CEST 2008

sameer khan wrote:

>> for reply, i read the command if i m not mistaken written by
>> yourself 
>> INSIDE_DEV=eth0
>> OUTSIDE_DEV=eth1      
>> ebtables -t broute -A BROUTING -i $INSIDE_DEV -p ipv4 \ 
>>             --ip-protocol tcp --ip-destination-port 80  \
>>             -j redirect --redirect-target DROP      
>> ebtables -t broute -A BROUTING -i $OUTSIDE_DEV -p ipv4 \
>>        --ip-protocol tcp --ip-source-port 80  \
>>        -j redirect --redirect-target DROP

Sometime ago I did launched a kernel bug report about these command
can cause kernel to panic, due to some "regression" introduced between
kernel 2.6.23-2.6.24, but it was fixed already - sometime ago. 

By the way, there is no such kernel release version, the highest 
number is - which I think is a safe choice. Funny where do you 
get your kernel from ?

Also "tproxy" patch might be the one which causes the panic when working 
under bridge. As I mentioned, it's best you do some work to isolate the
problem. Just conduct some experiments, with and without tproxy patch,
then you would know who is the culprit. Kernel core dump will also give
you additional information.


More information about the tproxy mailing list