On 03.03.2012 14:19, David Touzeau wrote:
Your are right Amos.
If need iptables 1.4.10 and kernel 2.6.37
and Debian backports provide iptables 1.4.8 and kernel 3.0
It is not possible with debian squeeze to use correctly TProxy mode.
I think this should be the reason that in my previous post, i
2012/3/2 Yucong Sun (叶雨飞) sunyuc...@gmail.com:
I think what happens is the document seems to be wrong, the kernel
already has TPROXY compiled in , look for /boot/config- and
search for TPROXY, it should says m.
for the iptables rules, you will need to use mangle table, there's no
On 06.03.2012 11:42, E.S. Rosenberg wrote:
2012/3/2 Yucong Sun (叶雨飞):
I think what happens is the document seems to be wrong, the kernel
already has TPROXY compiled in , look for /boot/config- and
search for TPROXY, it should says m.
for the iptables rules, you will need to use mangle
2012/3/6 Amos Jeffries squ...@treenet.co.nz:
On 06.03.2012 11:42, E.S. Rosenberg wrote:
2012/3/2 Yucong Sun (叶雨飞):
I think what happens is the document seems to be wrong, the kernel
already has TPROXY compiled in , look for /boot/config- and
search for TPROXY, it should says m.
for
On 06.03.2012 12:54, E.S. Rosenberg wrote:
2012/3/6 Amos Jeffries squ...@treenet.co.nz:
On 06.03.2012 11:42, E.S. Rosenberg wrote:
2012/3/2 Yucong Sun (叶雨飞):
I think what happens is the document seems to be wrong, the kernel
already has TPROXY compiled in , look for /boot/config- and
Thanks Amos
This is my debian kernel version
Linux squid32.localhost.localdomain 2.6.32-5-686 #1 SMP Mon Jan 16
16:04:25 UTC 2012 i686 GNU/Linux
iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-port 80
WARNING: All config files need .conf:
On 2/03/2012 11:03 p.m., David Touzeau wrote:
Thanks Amos
This is my debian kernel version
Linux squid32.localhost.localdomain 2.6.32-5-686 #1 SMP Mon Jan 16
16:04:25 UTC 2012 i686 GNU/Linux
iptables -t tproxy -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-port 80
Thanks Amos
So to be clear for me
I need to enable backports in my sources.list and upgrade the kernel
version to 2.6.37 or above in order to make TPROXY already compiled in
the kernel ?
Le 02/03/2012 16:01, Amos Jeffries a écrit :
On 2/03/2012 11:03 p.m., David Touzeau wrote:
Thanks
On 3/03/2012 4:37 a.m., David Touzeau wrote:
Thanks Amos
So to be clear for me
I need to enable backports in my sources.list and upgrade the kernel
version to 2.6.37 or above in order to make TPROXY already compiled in
the kernel ?
Probably. I dont know exactly what kernel is in
OK thanks Amos
I will try it
and send to the list my results...
Le 02/03/2012 16:55, Amos Jeffries a écrit :
On 3/03/2012 4:37 a.m., David Touzeau wrote:
Thanks Amos
So to be clear for me
I need to enable backports in my sources.list and upgrade the kernel
version to 2.6.37 or above
There is bad news, backports did not change something according Tproxy
Only kernel 3.2x is available on backports repository.
apt-get install -t squeeze-backports linux-image-3.2.0-0.bpo.1-686-pae
apt-get install -t squeeze-backports upgrade
reboot
my kernel is now
Linux
I think what happens is the document seems to be wrong, the kernel
already has TPROXY compiled in , look for /boot/config- and
search for TPROXY, it should says m.
for the iptables rules, you will need to use mangle table, there's no
tproxy table anymore.
as such
iptables -t mangle -A
it's a linux module and you should first check if it exists or loaded.
use:
lsmod |grep -i tproxy
to see if it's loaded
to check if the kernel has a built module you should run:
modprobe -l |egrep -i tproxy|socket
you should have 2 modules for tproxy and also some iptable socket moduels.
if
Yucong and Eliezer ... Your are definitively right
I fact the tproxy using your method exists on debian squeeze kernel.
That's good
but now i have issue using the tproxy mode.
I have set the network in kernel
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.conf.default.send_redirects=0
I must be going senile
Your original message had:
iptables v1.4.8: can't initialize iptables table `tproxy': Table does not
exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded
But...
Your are right Amos.
If need iptables 1.4.10 and kernel 2.6.37
and Debian backports provide iptables 1.4.8 and kernel 3.0
It is not possible with debian squeeze to use correctly TProxy mode.
I think this should be the reason that in my previous post, i had many
issues implementing TProxy mode.
Dear
I would like to implement TProxy with Debian squeeze for Squid 3.2x
Is there a freshed howto somewhere that explain how to correctly build
the debian kernel in order to enable Tproxy ?
Best regards
On 2/03/2012 2:46 p.m., David Touzeau wrote:
Dear
I would like to implement TProxy with Debian squeeze for Squid 3.2x
Is there a freshed howto somewhere that explain how to correctly build
the debian kernel in order to enable Tproxy ?
Best regards
The Squeeze kernel should work out of the
18 matches
Mail list logo