Re: transparent proxy document problems

Mon, 27 Dec 2010 01:14:59 -0800 

yes, i `ve tried the standard forward way, the ats can not received
the request neither. If no build for transparent, the forward way
works.

2010/12/27 [email protected] <[email protected]>:
> have you try the standard forward proxy setup?
> the common forwarding proxy should at least set:
>    * traffic_line -s proxy.config.reverse_proxy.enabled -v 0
>    * traffic_line -s proxy.config.url_remap.remap_required -v 0
> have you change proxy.config.url_remap.remap_required to '0'? the
> default is '1' for reverse proxy.
>
> I's sugest you setup a standard proxy first. turn on debug mode help you
> at any question.
>
> thanks
>
> 在 2010-12-27一的 14:50 +0800,魏晋写道:
>> Hi
>>     I build ATS for transparent, and I configured the computer in
>> bridge mode according to the "Inline on Linux bridge" document.
>> However, the transparent proxy did not work, even not receive the
>> client request.
>>
>>     the ats version: 2.1.4-unstable
>>     the os system: ubuntu-10.04(kernel: 2.6.32-27-generic)
>>
>>     the record.config file
>>         ...
>>            proxy.config.http.server_port INT 8080
>>            proxy.config.http.server_port_attr STRING =
>>            proxy.config.reverse_proxy.enable INT 1
>>            proxy.config.url_remap.remap_required INT 0
>>            proxy.config.cluster.ethernet_interface STRING br0
>>
>>     BTW: I added "-t mangle" in the two iptables commands, or they
>> would generate the error message
>>  "iptables: No chain/target/match by that name."  in my system.
>>
>>     my system config
>>
>>           brctl addbr br0 # create bridge device
>>           brctl stp br0 off # Disable spanning tree protocol
>>           brctl addif br0 eth0 # Add eth0 to bridge
>>           brctl addif br0 eth1 # Add eth1 to bridge
>>
>>           ifconfig eth0 0 0.0.0.0 # Get rid of interface IP addresses
>>           ifconfig eth1 0 0.0.0.0 # ditto
>>           # Set the bridge IP address and enable it
>>           ifconfig br0 192.168.8.206 netmask 255.255.255.0 up
>>           route add default gw 192.168.8.1
>>           ebtables -t broute -F
>>            # inbound traffic
>>            ebtables -t broute -A BROUTING -p IPv4 --ip-proto tcp --ip-dport 
>> 80 \
>>            -j redirect --redirect-target DROP
>>            # returning outbound traffic
>>            ebtables -t broute -A BROUTING -p IPv4 --ip-proto tcp --ip-sport 
>> 80 \
>>            -j redirect --redirect-target DROP
>>
>>            iptables -t mangle -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 
>> \
>>            -j TPROXY --on-ip 0.0.0.0 --on-port 8080 --tproxy-mark 1/1
>>            iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --sport 80 
>> \
>>            -j MARK --set-mark 1/1
>
>
>

Reply via email to