Re: Transparent proxy broken in 2.1.54

Jos Vos (jos@xos.nl)
Wed, 17 Sep 1997 00:35:54 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chris Evans: "Process accounting question"
Previous message: JuanJo Ciarlante: "ip_alias BUGFIX for pre-2.0.31-9"

> > Chris Evans wrote:
> >
> > > Subject says it all really. I'm using a simple rule to redirect traffic
> > > aimed at port 80, to port 8080 (nice way to avoid having to run a web
> > > server as root).
> >
> > This is an interesting statement, as transparent proxying is broken
> > in 2.0.30, 2.0.31-pre1-9 and most 2.1.x kernels (so it didn't work
> > in 2.0.31-pre9 either, _when_ the redirect port was different from
> > the original port). Don't know how this could work for you...
>
> Well, I've checked, and it works under pre9 here... :-) I gran httpd on
> port 8080 and redirected 80->8080. Hitting port 80 with lynx worked....

Maybe this is caused by the fact that the host specified with -D is
the local host, not some external host. Look what happens when you
do something like

ipfwadm -I -r 23 -S yournet/24 -D www.microsoft.com 600

and do a "telnet www.microsoft.com 600" from another machine (when
the packets are routed through your Linux system, of course).
You should get a telnet-session to your Linux system.

-- 
--    Jos Vos <jos@xos.nl>
--    X/OS Experts in Open Systems BV   |   Phone: +31 20 6938364
--    Amsterdam, The Netherlands        |     Fax: +31 20 6948204

Next message: Chris Evans: "Process accounting question"
Previous message: JuanJo Ciarlante: "ip_alias BUGFIX for pre-2.0.31-9"