[tproxy] tproxy + squid 3 + kernel 2.6.25 + iptables 1.4.0
Ming-Ching Tiew
mingching.tiew at redtone.com
Fri Jun 20 11:12:22 CEST 2008
Laszlo Attila Toth wrote:
>
> I will forward port of the kernel patches to 2.6.25 and 2.6.26 and
> test when I'll have time for it. But first I have to eliminate a
> problem related to the tproxy that it doesn't work if the interface
> is in bridge mode (br0, etc). This issue occurs on each versions of
> tproxy4 (4.0 and
> 4.1). The 4.0 branch is used internally in our product but my
> assumption is that when I fix the 4.0, I can find a solution for 4.1,
> too. Now I have no idea why it goes wrong with a bridge: TPROXY
> target (and iptables/netfilter) doesn't receive any packets.
I did mentioned about this long long time ago. If you search
through the older posts, I did mentioned a "workaround" for it.
Unless now you are working on a fix in the kernel.
Basically, I use ebtables to redirect the traffic to enter and leave
via the physical interface instead of the (virtual) bridge interface.
Regards.
More information about the tproxy
mailing list