Hi Alexander,
take a look at the squid - sources, they fetch the target host
from ipchains. Somebody has to write an extension for squid
(or another proxy) for transparent proxy ;-)
"Alexander V. Lukyanov" wrote:
>
> Hello!
>
> I tried to setup transparent proxy on 2.4.0-pre4 kernel, with the following
> commands:
>
> iptables --table nat -A PREROUTING -p tcp -d 0.0.0.0/0 --dport 80 -j REDIRECT --to-port 81
> iptables --table nat -A OUTPUT -p tcp -d 0.0.0.0/0 --dport 80 -j REDIRECT --to-port 81
>
> (OUTPUT for connections outgoing from localhost, old kernels like 2.2
> cannot do that)
>
> Everything works if the HTTP request includes Host: field with port number.
> But if it is absent, the request goes to correct host but to port 81, this
> is where tproxy listens. This happens when connection originates at localhost,
> I have not tried it with forwarding yet.
>
> I guess this is either a bug in kernel (which returns wrong port in
> getsockname), or there is some other method for retrieving original port
> number. I hope somebody knows it.
>
> Thanks.
>
> --
> Alexander.
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
--
mit freundlichem Gruss -- regards
,-,
| | Thomas Drillich <drillich@uniserve.de>
___|__| Gesch�ftsf�hrer ( CEO )
(___, ) uniserve Internet & Multimedia GmbH
(___, )\ Sophienweg 3
(___, ) \ Technologiezentrum (MIT)
(___,_,)/ \ D-59872 Meschede Germany
\ fon: +49 291 59100 , fax: +49 291 59102
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:16 EST