trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alan M. Carroll" <...@network-geographics.com>
Subject Re: transparent proxy document problems
Date Tue, 04 Jan 2011 03:58:02 GMT
I have ATS working in fully transparent mode on a bridged Linux box once again.

Could you check the FILTER chain to make sure that's not preventing connections?

Just to double check, you could do HTTP requests across the bridge before trying to get ATS
to work?

Here are some command outputs from my working system. You should check them against yours.

[root@tidus ~]# iptables-save
# Generated by iptables-save v1.4.7 on Mon Jan  3 21:48:59 2011
*mangle
:PREROUTING ACCEPT [62665:33268149]
:INPUT ACCEPT [47460:28434552]
:FORWARD ACCEPT [22286:5671065]
:OUTPUT ACCEPT [38554:11735201]
:POSTROUTING ACCEPT [60855:17406859]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j TPROXY --on-port 8080 --on-ip 0.0.0.0 --tproxy-mark
0x1/0x1
-A PREROUTING -i eth0 -p tcp -m tcp --sport 80 -j MARK --set-xmark 0x1/0x1
COMMIT
# Completed on Mon Jan  3 21:48:59 2011
# Generated by iptables-save v1.4.7 on Mon Jan  3 21:48:59 2011
*filter
:INPUT ACCEPT [47484:28436623]
:FORWARD ACCEPT [22333:5679872]
:OUTPUT ACCEPT [38568:11736735]
COMMIT
# Completed on Mon Jan  3 21:48:59 2011


[root@tidus ~]# ebtables-save
# Generated by ebtables-save v1.0 on Mon Jan  3 21:49:15 CST 2011
*broute
:BROUTING ACCEPT
-A BROUTING -p IPv4 --ip-proto tcp --ip-dport 80 -j redirect  --redirect-target
DROP
-A BROUTING -p IPv4 --ip-proto tcp --ip-sport 80 -j redirect  --redirect-target
DROP

*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT

[root@tidus ~]# ip rule show
0:      from all lookup local
32763:  from all fwmark 0x1/0x1 lookup 1
32766:  from all lookup main
32767:  from all lookup default

[root@tidus ~]# ip route show table 1
local default dev lo  scope host


Mime
View raw message