Hi Joe, Thanks for the reply.
Yes that TPROXY=1 is set when running the make command make TPROXY=1 However, we 'think' we may have found the issue now after some more digging around looks like I'm missing a section from within the config.c file to allow the TProxy directive to be understood but I'm going to have another look tomorrow now. Likewise I'll do a gitpull on your branch and give the 'IPTransparent' option ago. ~Scott On 20 October 2015 at 16:04, Joe Gooch <[email protected]> wrote: > Did you change TPROXY=1 in the Makefile? Looks like unless you do that, > it's not included. > > The other option I see is to use my version of a similar thing: > > https://github.com/goochjj/pound/commit/65e14aa8b52f9170f513399bfe430a1c66a9e34b > > Your kernel headers need to include the IP options, and then transproxy > works for ipv6 listeners, freebind for ipv4 listeners. > -- > Joe > > Confidentiality Notice: This e-mail transmission may contain confidential > and legally privileged information that is intended only for the individual > named in the e-mail address. If you are not the intended recipient, you are > hereby notified that any disclosure, copying, distribution, or reliance > upon the contents of this e-mail message is strictly prohibited. If you > have received this e-mail transmission in error, please reply to the > sender, so that proper delivery can be arranged, and please delete the > message from your mail box. > > > > Joseph Gooch > > www.sapphirek12.org | office: (866) 366-9540 > > > > *CONFIDENTIALITY STATEMENT* > > *The documents and communication included in this email transmission may > contain confidential information. All information is intended only for the > use of the above named recipient(s). If you are not the named recipient, > you are NOT authorized to read, disclose, copy, distribute, or take any > action on the information and any action other than immediate delivery to > the named recipient is strictly prohibited. If you have received this email > in error, do NOT read the information and please immediately notify sender > by telephone and email and immediately delete this email. If you are the > named recipient, you are NOT authorized to reveal any of this information > to any unauthorized person and are hereby instructed to delete this email > when no longer needed. * > > From: Scott McKeown <[email protected]> > Reply-To: "[email protected]" <[email protected]> > Date: Tuesday, October 20, 2015 at 5:25 AM > To: Pound Mailing List <[email protected]> > Subject: [Pound Mailing List] Pound 2.7 and TProxy > > Hello Everyone, > > I've finally got to admit defeat on getting this patch to work and I was > wondering if anyone out there could please give me a hand getting this to > work. > > I've attached the patch file for anyone to play with but what I'm trying > to do is get Unix TProxy to work with pound 2.7 again, the original version > of this patch has been working since pound v2.4. > > Anyhow, the patch compiles into the latest version but if you add "TProxy > 1" into the configuration you get a 'unknown directive' error > > > *Config File:* > # cat /etc/pound/pound.cfg > # Pound configuration file generated by loadbalancer.org appliance > User "nobody" > Group "nobody" > LogLevel 0 > Client 30 > Timeout 60 > Threads 250 > TProxy 1 > > ListenHTTPS > # Label: pound1 > Address 192.168.63.59 > Port 443 > Cert "/etc/loadbalancer.org/certs/server.pem" > xHTTP 3 > ReWriteLocation 1 > Ciphers > "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" > SSLHonorCipherOrder 1 > SSLAllowClientRenegotiation 0 > Disable SSLv2 > Disable SSLv3 > Service > BackEnd > Address 192.168.64.254 > Port 80 > TProxy 1 > End > End > End > > > *Start Up:* > # /usr/local/sbin/pound > starting... > detect_tproxy(): tproxy is is detected > tproxy: available > /etc/pound/pound.cfg line 8: unknown directive - aborted > > > > > -- > With Kind Regards. > > Scott McKeown > Loadbalancer.org > http://www.loadbalancer.org > Tel (UK) - +44 (0) 3303801064 (24x7) > Tel (US) - +1 888.867.9504 (Toll Free)(24x7) > -- With Kind Regards. Scott McKeown Loadbalancer.org http://www.loadbalancer.org Tel (UK) - +44 (0) 3303801064 (24x7) Tel (US) - +1 888.867.9504 (Toll Free)(24x7)
