[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: transproxy and linux-2.4
From:       Thomas Drillich <drillich () uniserve ! de>
Date:       2000-07-21 19:25:24
[Download RAW message or body]

Hi Alexander,

take a look at the squid - sources, they fetch the target host
from ipchains. Somebody has to write an extension for squid 
(or another proxy) for transparent proxy ;-)


"Alexander V. Lukyanov" wrote:
> 
> Hello!
> 
> I tried to setup transparent proxy on 2.4.0-pre4 kernel, with the following
> commands:
> 
> iptables --table nat -A PREROUTING -p tcp -d 0.0.0.0/0 --dport 80 -j REDIRECT --to-port 81
> iptables --table nat -A OUTPUT     -p tcp -d 0.0.0.0/0 --dport 80 -j REDIRECT --to-port 81
> 
> (OUTPUT for connections outgoing from localhost, old kernels like 2.2
> cannot do that)
> 
> Everything works if the HTTP request includes Host: field with port number.
> But if it is absent, the request goes to correct host but to port 81, this
> is where tproxy listens. This happens when connection originates at localhost,
> I have not tried it with forwarding yet.
> 
> I guess this is either a bug in kernel (which returns wrong port in
> getsockname), or there is some other method for retrieving original port
> number. I hope somebody knows it.
> 
> Thanks.
> 
> --
>    Alexander.
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/

-- 
mit freundlichem Gruss -- regards
        ,-,
       |  |         Thomas Drillich <drillich@uniserve.de>
    ___|__|            Geschäftsführer ( CEO )
   (___,   )           uniserve Internet & Multimedia GmbH
   (___,   )\          Sophienweg 3
   (___,   ) \         Technologiezentrum (MIT)
    (___,_,)/ \        D-59872 Meschede Germany
        \              fon: +49 291 59100 , fax: +49 291 59102

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

[prev in list] [next in list] [prev in thread] [next in thread]