> have you try my last hints ?
> I'm using fc4 , then upgrade it to kernel 2.6.15.7 ( did you use fc5 ? then
> I could be some problem to downgrade from original 2.6.16 to 2.6.15 ?) &
> patch cttproxy-2.6.15-2.0.4.tar.gz
I try to pacth iptables-1.3.0 with unsunccessfully results.
THE SOLUTION: ;D
Sunil I have been solved the problems of tproxy(If i have been able to
implement it you will be must able ;)
First of all, I have Gentoo GNU/Linux :)
The steps to implement tproxy are the followings:
- Downolad kernel-2.6.16 from kernel.org and patch it with:
http://people.balabit.hu/hidden/tproxy2-2.6.16_20060727.tar.bz2 (this is
not-officially released but works fine), compile it as a module.
- Download iptables-1.3.5.tar.gz from netfilter.org.
to install it: make KERNEL_DIR=<your kernel with tproxy support>
make install
- Copy your /usr/local/lib/iptables to /lib/iptables
- Download squid2.6STABLE2 and:
./configure --enable-linux-tproxy --enable-linux-netfilter && make
all && make install
- Check squid.conf:
http_port 3128 tproxy transparent
- Add a rule for iptables:
iptables -t tproxy -A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY
--on-port 3128 --on-ip 0.0.0.0
- to check it:
Try to use squid in daemonize mode. Debug mode looks like spoofing
fail. Use a sniffer like ethereal or others.
Regards,
Angel Mieres.
-- Angel Mieres - amieres@eneotecnologia.com ///////////////////////////////////////// Gentoo has you...Received on Mon Aug 21 2006 - 06:45:09 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Sep 01 2006 - 12:00:02 MDT