[tproxy] I need help with tproxy

Welisson welissontome at ig.com.br
Tue Jun 30 16:51:16 CEST 2009


Yes, i did configure the line "tcp_outgoing_address" in squid.conf, but
exactly thus it didn't  resolved. The server not configure as Bridge Mode,
and not Gateway mode.
As i said, i redirect the request with destination port 80 of out eth2
(Clients) gateway to eth1 (Proxy/Tproxy), to later out eth0 (link Internet).
I am try route advanced with ip route, but without solution.
The answers, yes.
That is possible to be making activating tproxy, in another server and
redirected all request with destination port 80, that they are passes for
mine gateway, for this server whti squid/tproxy?



2009/6/30 Vivek <vivek at visolve.com>

> Did you configure the servers as Bridge Mode ?  Error : port=0 ERROR ASSIGN
> means you didn't configure the ' tcp_outgoing_address ' in squid.conf.
>
> Regards
> Vivek
>
> Welisson wrote:
>
>> I would like of a help of yours, in the following situations.
>>
>> I need redirect all request of port 80, to my proxy server with tproxy
>> active, however it will not be gateway of my network.
>> I am using Debian 5 Etch, kernel 2.6.19 in the two servers and iptables
>> 1.3.7.
>> However i did the following, i redirected of gateway to my proxy server
>> using the command below;
>>
>> iptables -t tproxy -A PREROUTING -s 189.111.xxx.2 -p TCP --dport 80 -j
>> TPROXY --on-ip 189.4xx.xxx.10 --on-port 3129
>>  I got the error below in cache.log
>>
>> 2009/06/29 14:38:58| tproxy ip=189.111.xxx.2,0x2a07fbd,port=0 ERROR ASSIGN
>>
>> Then i did a DNAT rule, e.g below
>>
>> iptables -t nat -A PREROUTING -s 189.111.xxx.2 -p TCP --dport 80 -j DNAT
>> --to-destination 189.4xx.xxx.10
>>
>> and in proxy server the following command
>>
>> iptables -t tproxy -A PREROUTING -s 189.111.xxx.2 -p TCP --dport 80 -j
>> TPROXY  --on-port 3129
>>
>> The request finised giving timeout.
>>
>>
>> I would like know, if possible used tproxy in this situation.
>>
>> station <---------->gateway<---------->InterNet
>>                               | redirected to proxy using iptables
>>                       Proxy/Tproxy
>>
>> Regards
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> tproxy mailing list
>> tproxy at lists.balabit.hu
>> https://lists.balabit.hu/mailman/listinfo/tproxy
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20090630/d63ced0a/attachment.htm 


More information about the tproxy mailing list