Hi Everyone, Right we finally got this working so anyone that is also wanting to use TProxy with Pound v2.7 the patch file is attached.
patch -i pound_2.7_with_tproxy.patch --verbose --ignore-whitespace On 20 October 2015 at 16:19, Scott McKeown <[email protected]> wrote: > Hi Joe, > > Thanks for the reply. > > Yes that TPROXY=1 is set when running the make command > > make TPROXY=1 > > However, we 'think' we may have found the issue now after some more > digging around looks like I'm missing a section from within the config.c > file to allow the TProxy directive to be understood but I'm going to have > another look tomorrow now. > > Likewise I'll do a gitpull on your branch and give the 'IPTransparent' > option ago. > > > ~Scott > > On 20 October 2015 at 16:04, Joe Gooch <[email protected]> wrote: > >> Did you change TPROXY=1 in the Makefile? Looks like unless you do that, >> it's not included. >> >> The other option I see is to use my version of a similar thing: >> >> https://github.com/goochjj/pound/commit/65e14aa8b52f9170f513399bfe430a1c66a9e34b >> >> Your kernel headers need to include the IP options, and then transproxy >> works for ipv6 listeners, freebind for ipv4 listeners. >> -- >> Joe >> >> Confidentiality Notice: This e-mail transmission may contain confidential >> and legally privileged information that is intended only for the individual >> named in the e-mail address. If you are not the intended recipient, you are >> hereby notified that any disclosure, copying, distribution, or reliance >> upon the contents of this e-mail message is strictly prohibited. If you >> have received this e-mail transmission in error, please reply to the >> sender, so that proper delivery can be arranged, and please delete the >> message from your mail box. >> >> >> >> Joseph Gooch >> >> www.sapphirek12.org | office: (866) 366-9540 >> >> >> >> *CONFIDENTIALITY STATEMENT* >> >> *The documents and communication included in this email transmission may >> contain confidential information. All information is intended only for the >> use of the above named recipient(s). If you are not the named recipient, >> you are NOT authorized to read, disclose, copy, distribute, or take any >> action on the information and any action other than immediate delivery to >> the named recipient is strictly prohibited. If you have received this email >> in error, do NOT read the information and please immediately notify sender >> by telephone and email and immediately delete this email. If you are the >> named recipient, you are NOT authorized to reveal any of this information >> to any unauthorized person and are hereby instructed to delete this email >> when no longer needed. * >> >> From: Scott McKeown <[email protected]> >> Reply-To: "[email protected]" <[email protected]> >> Date: Tuesday, October 20, 2015 at 5:25 AM >> To: Pound Mailing List <[email protected]> >> Subject: [Pound Mailing List] Pound 2.7 and TProxy >> >> Hello Everyone, >> >> I've finally got to admit defeat on getting this patch to work and I was >> wondering if anyone out there could please give me a hand getting this to >> work. >> >> I've attached the patch file for anyone to play with but what I'm trying >> to do is get Unix TProxy to work with pound 2.7 again, the original version >> of this patch has been working since pound v2.4. >> >> Anyhow, the patch compiles into the latest version but if you add "TProxy >> 1" into the configuration you get a 'unknown directive' error >> >> >> *Config File:* >> # cat /etc/pound/pound.cfg >> # Pound configuration file generated by loadbalancer.org appliance >> User "nobody" >> Group "nobody" >> LogLevel 0 >> Client 30 >> Timeout 60 >> Threads 250 >> TProxy 1 >> >> ListenHTTPS >> # Label: pound1 >> Address 192.168.63.59 >> Port 443 >> Cert "/etc/loadbalancer.org/certs/server.pem" >> xHTTP 3 >> ReWriteLocation 1 >> Ciphers >> "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS" >> SSLHonorCipherOrder 1 >> SSLAllowClientRenegotiation 0 >> Disable SSLv2 >> Disable SSLv3 >> Service >> BackEnd >> Address 192.168.64.254 >> Port 80 >> TProxy 1 >> End >> End >> End >> >> >> *Start Up:* >> # /usr/local/sbin/pound >> starting... >> detect_tproxy(): tproxy is is detected >> tproxy: available >> /etc/pound/pound.cfg line 8: unknown directive - aborted >> >> >> >> >> -- >> With Kind Regards. >> >> Scott McKeown >> Loadbalancer.org >> http://www.loadbalancer.org >> Tel (UK) - +44 (0) 3303801064 (24x7) >> Tel (US) - +1 888.867.9504 (Toll Free)(24x7) >> > > > > -- > With Kind Regards. > > Scott McKeown > Loadbalancer.org > http://www.loadbalancer.org > Tel (UK) - +44 (0) 3303801064 (24x7) > Tel (US) - +1 888.867.9504 (Toll Free)(24x7) > -- With Kind Regards. Scott McKeown Loadbalancer.org http://www.loadbalancer.org Tel (UK) - +44 (0) 3303801064 (24x7) Tel (US) - +1 888.867.9504 (Toll Free)(24x7)
pound_2.7_with_tproxy.patch
Description: Binary data
