[prev in list] [next in list] [prev in thread] [next in thread]
List: tproxy
Subject: Re: [tproxy] bridge + cttpproxy setup
From: ferents zvika <ferents () cs ! bgu ! ac ! il>
Date: 2007-08-02 7:49:00
Message-ID: 200708020749.l727n0Ed012988 () indigo ! cs ! bgu ! ac ! il
[Download RAW message or body]
Hi,
I've implemented such product, but i was using iptables (instead of ebtables) .
i had DNAT rule that directs every packet (destined to the webserver) to my local \
process . something like : $> iptables -t nat -A PREROUTING -t <wevserver> ....
In addition, my server (the "local process) was using cttproxy for transparency on \
it's connection to the webserver . Is this solution applicable for your needs ?
zvika
On Thu 19 Jul 2:55 2007 Ramana Yarlagadda wrote:
>
> Hi there,
>
>
>
> From the archives I understand that cttpproxy will work in the bridge mode also. I \
> am trying to implement a layer 7 transparent proxy using ebtables and transparent \
> proxy. Is there are any document available on how to configure the ebtable and \
> iptable rules?
>
>
> I have tried based on my understanding the the client connection request is \
> terminated by the proxy server but the foreign connect from the proxy server to the \
> service ( http server) is failing.
>
>
> The packet is not going out, but is getting re-injected to the local process.
>
>
>
> The set up is:
>
>
>
> client <=====> eth0 [ proxy server] eth1- <=======> service/http server
>
>
>
> can somebody help me on this issue.
>
>
>
> -Thanks in advance
>
> -Ramana
>
>
[Attachment #3 (text/html)]
<div><span class="224192607-02082007">Hi,</span></div>
<div><span class="224192607-02082007">I've implemented such product, but i was using \
iptables (instead of ebtables) . </span></div>
<div><span class="224192607-02082007">i had DNAT rule that directs every packet \
(destined to the webserver) to my local process . something like :</span></div>
<div><span class="224192607-02082007"></span></div>
<div><span class="224192607-02082007"> $> iptables -t nat -A \
PREROUTING -t <wevserver> ....</span></div>
<div><span class="224192607-02082007"></span></div>
<div><span class="224192607-02082007">In addition, my server (the "local process) was \
using cttproxy for transparency on it's connection to the webserver .</span></div>
<div><span class="224192607-02082007"></span></div>
<div><span class="224192607-02082007">Is this solution applicable for your needs ? \
<br />zvika</span><br /></div>
<div style="FONT-SIZE: 85%; COLOR: #555555">On <i>Thu 19 Jul 2:55 2007</i> <b>Ramana \
Yarlagadda</b> wrote:</div> <blockquote style="PADDING-RIGHT: 4px; PADDING-LEFT: 4px; \
PADDING-BOTTOM: 4px; MARGIN: 6px 0px 6px 6px; BORDER-LEFT: #888888 1px solid; \
PADDING-TOP: 4px"> <div style="PADDING-RIGHT: 10px; PADDING-LEFT: 10px; FONT-SIZE: \
10pt; COLOR: #000000; PADDING-TOP: 15px; FONT-FAMILY: Arial" canvastabstop="true" \
topmargin="0" leftmargin="0" bgcolor="#ffffff"> <div>Hi there,</div>
<div></div>
<div>From the archives I understand that cttpproxy will work in the bridge mode also. \
I am trying to implement a layer 7 transparent proxy using ebtables and transparent \
proxy. Is there are any document available on how to configure the ebtable and \
iptable rules? </div>
<div></div>
<div>I have tried based on my understanding the the client connection request is \
terminated by the proxy server but the foreign connect from the proxy server to the \
service ( http server) is failing. </div>
<div></div>
<div>The packet is not going out, but is getting re-injected to the local \
process.</div>
<div></div>
<div>The set up is:</div>
<div></div>
<div> client <=====> eth0 \
[ proxy server] eth1- <=======> service/http server</div>
<div></div>
<div>can somebody help me on this issue.</div>
<div></div>
<div>-Thanks in advance</div>
<div>-Ramana</div>
</div>
</blockquote>
<pre style="FONT-SIZE: 85%"></pre>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic