Carlo, Sorry got busy and forgot to post back to you, I was going to ask whats your output from :
iptables -L -t mangle Chain PREROUTING (policy ACCEPT) target prot opt source destination MARK tcp -- 192.168.2.0/24 anywhere tcp dpt:http MARK set 0x1 DIVERT tcp -- anywhere anywhere socket Is the divert to socket in place? 2009/5/11 Carlo Granisso <[email protected]> > > Hello everybody, I have a problem with haproxy (1.3.17) and kernel 2.6.29 > > I have successfully recompiled my kernel with TPROXY modules and installed > haproxy (compiled from source with tproxy option enabled) and installed > iptables 1.4.3 (that have tproxy patch). > Now I can't use transparent proxy function: if I leave in haproxy.cfg this > line "source 0.0.0.0 usesrc clientip" haproxy say "503 - Service unavailable". > If I comment out the line, everything work fine (without transparent proxy). > > My situation: > > haproxy with two ethernet device: first one for public IP, sceond one for > private IP (192.168.XX.XX) > two web server with one ethernet for each one connected to my private network. > > > > Have you got ideas or you can provide me examples? > > > Thanks, > > > Carlo -- Regards, Malcolm Turnbull. Loadbalancer.org Ltd. Phone: +44 (0)870 443 8779 http://www.loadbalancer.org/
