[tproxy] [tproxy,regression] tproxy broken in 2.6.32
KOVACS Krisztian
hidden at balabit.hu
Thu Dec 3 15:07:44 CET 2009
Hi,
On Thu, 2009-12-03 at 14:55 +0100, Patrick McHardy wrote:
> jamal wrote:
> > BTW, it should be noted that the change from Patrick to fib_validate
> > which allows to accept local routes from will also solve this problem.
> > My suggestion below is to restore old expected behavior..
>
> Agreed, the accept_local sysctl should not be misused for this,
> otherwise TPROXY setups wouldn't have source validation anymore.
Absolutely agreed.
Cheers,
Krisztian
More information about the tproxy
mailing list