[tproxy] tproxy for kernel 2.6.18.6
Balazs Scheidler
bazsi at balabit.hu
Wed Nov 12 19:45:46 CET 2008
On Wed, 2008-11-12 at 10:07 +0200, Victoria Muntean wrote:
> Hello,
> What is latest version of tproxy that I can apply to kernel 2.6.18.6 ?
> Thanks
> Viki
well, we are not maintaining a tproxy patch for 2.6.18. The "finished"
tproxy was integrated into 2.6.28, a functionally equivalent version is
available for 2.6.26.
TProxy had multiple incarnations, these are:
tproxy2 - Netfilter NAT based
tproxy3 - never really published (apart from the related Zorp kernel
releases), also Netfilter NAT based
tproxy4 - the first version that basically works like the one
integrated in the kernel. It has a "tproxy" table, a TPROXY target and
"tproxy" match
tproxy4.1 - the one integrated in the kernel, drops the tproxy table,
uses the mangle table instead; also drops various routing tricks, so now
it uses policy routing to do the diversions
I would not recomment using either tproxy2/3. tproxy4 could be ok, and
there's a version of tproxy4 for 2.6.17 in BalaBit's kernel releases. It
can probably forward ported to 2.6.18 with small fixups.
tproxy 4.1 would be much more difficult to backport, in 2.6.26 the
network namespaces were introduced, which causes a lot of
incompatibilities. A slightly better option would be to start from an
earlier tproxy4.1 release and readd the functionality that were finished
right before kernel integration.
--
Bazsi
More information about the tproxy
mailing list