[tproxy] cttproxy question
Ritter, Nicholas
Nicholas.Ritter at americantv.com
Mon Jul 21 18:42:51 CEST 2008
I have two quick question about the old cttproxy patches:
1) is "echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind" needed?
2) is only one iptables rule needed? I am using : "iptables -t tproxy -A
PREROUTING -s 10.48.1.0/16 -p tcp -m tcp --dport 80 -j TPROXY --on-port
80 --on-ip 0.0.0.0" and it is not working. I still see the ip of the
squid box, and not the original client. It seems as though the problem
is in iptables somewhere. I am using this as part of a L3/L4 WCCP/Squid
setup and not a bridging solution.
I have looked at multiple tproxy howtos...only one worked, and it was a
bridging solution on Debian. But I am not using Debian, and I can't use
a bridging solution.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20080721/c26eaca6/attachment.htm
More information about the tproxy
mailing list