| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d5cf4b4f0911222251u1589c66ar78810d5b9d87cb5e@mail.gmail.com>
Date: Mon, 23 Nov 2009 15:51:36 +0900
From: 박제호 <linuxpark@...il.com>
To: tproxy@...ts.balabit.hu, netfilter-announce@...ts.netfilter.org,
netfilter@...ts.netfilter.org, netdev@...r.kernel.org
Cc: rnd@...m.net, dylee@...m.net
Subject: [HELP] Tproxy server Can't receive any client packet
Hello everyone
i have a problem in my transparent proxy test,
i recently made up the testbed as below to run the tproxy patched
apache proxy [mod_proxy],
and i applied all iptables and routing rules with referencing the
readme file [http://www.balabit.com/downloads/files/tproxy/README.txt,
http://www.mjmwired.net/kernel/Documentation/networking/tproxy.txt]
the proxy server listening the port 3128 and i checked there were no problem.
but when the client tried to connect the web server,
the packets reached to the box and i found the usage counts of filter
rules in the mangle table incresed
but my tproxy server could not receive any corresponding packet from the socket
I want to know why my proxy server can't receive any packet through the socket,
Do i need some more DNAT rules ?
---------------- testbed ---------------
[client ] <-----> [tproxy patched apache mod_proxy] <-----> [web server]
---------------------------------------------------
proxybox
[Environment of the tproxy server]
1. kernel
kernel 2.6.24 +
tproxy-kernel-2.6.24-20080602-165651-1212418611.tar.bz2
[http://www.balabit.com/downloads/files/tproxy/tproxy-kernel-2.6.24-20080602-165651-1212418611.tar.bz2]
2. iptables
iptables 4.0 + tproxy-iptables-1.4.0-20080521-113954-1211362794.patc
[http://www.balabit.com/downloads/files/tproxy/tproxy-iptables-1.4.0-20080521-113954-1211362794.patch]
3. apache
apache 2.2.9 + httpd-2.2.9-tproxy.patch [i got this patch
from google and ported it to this version ]
here are the config files of the kernel and apache proxy
Download attachment "httpd-2.2.9-tproxy.patch" of type "application/octet-stream" (14590 bytes)
Download attachment "config-2.6.24" of type "application/octet-stream" (87771 bytes)
Download attachment "httpd.conf" of type "application/octet-stream" (14002 bytes)
Powered by blists - more mailing lists