[tproxy] Sample/test code
文剑
wenjianhn at gmail.com
Mon May 2 13:42:33 CEST 2011
Hi,
*
*I want to write a full transparency proxy too.
Squid and haproxy are so complicated that i can't quickly understand how
tproxy works.
And I am new to iptables.
If there is a sample peace of code which is simple, I think it would be
helpful.
I wrote some code which failed at initiating connections with a foreign
address as a source.
The reason is timeout while attempting connection.
Where am I wrong?
Thanks.
My code:
#define NON_LOCAL_IP "192.168.111.23"
#define NON_LOCAL_PORT 2000
int sockfd = socket(AF_INET, SOCK_STREAM, 0);
memset (&non_local_addr, 0, sizeof(non_local_addr));
non_local_addr.sin_family = AF_INET;
dst_addr.sin_addr.s_addr = inet_addr(NON_LOCAL_IP);
inet_pton(AF_INET, NON_LOCAL_IP, &non_local_addr.sin_addr);
non_local_addr.sin_port = htons(NON_LOCAL_PORT);
setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &optvalue, sizeof(optvalue));
setsockopt(sockfd, SOL_IP, IP_TRANSPARENT, &optvalue, sizeof(optvalue));
bind(sockfd, (struct sockaddr *)&non_local_addr, sizeof(non_local_addr));
memset(&dst_addr, 0, sizeof(dst_addr));
dst_addr.sin_family = AF_INET;
dst_addr.sin_addr.s_addr = inet_addr("192.168.1.1");
dst_addr.sin_port = htons(80);
connect(sockfd, (struct sockaddr *) &dst_addr, sizeof(dst_addr)); //
ETIMEOUT
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/tproxy/attachments/20110502/12439f81/attachment.htm
More information about the tproxy
mailing list