trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jay Li (jianli)" <jia...@cisco.com>
Subject Re: how can we config ATS as full transparent proxy
Date Thu, 18 Sep 2014 04:21:27 GMT
Hi, Alan 

Thank you.  And there are two interfaces (eth0/eth1) in your example and
the mangle table is below.

iptables -t mangle --flush PREROUTING
if (( $INBOUND )) ; then
iptables -t mangle -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j
TPROXY --on-ip 0.0.0.0 --on-port 8080 --tproxy-mark 1/1
fi
if (( $OUTBOUND )) ; then
iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --sport 80 -j MARK
--set-mark 1/1
Fi

But in case that I have only one interface in my ATS server for both
inbound and outbound traffic (like single arm route), is it possible for
transparent proxy?  Can I just change eth1 to eth0 in mangle table?


iptables -t mangle --flush PREROUTING
if (( $INBOUND )) ; then
iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
TPROXY --on-ip 0.0.0.0 --on-port 8080 --tproxy-mark 1/1  /// eth1->eth0
fi
if (( $OUTBOUND )) ; then
iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --sport 80 -j MARK
--set-mark 1/1
Fi


Regards


Jay





On 9/17/14, 8:24 PM, "Alan M. Carroll" <amc@network-geographics.com> wrote:

>Wednesday, September 17, 2014, 4:10:40 AM, you wrote:
>> I am a junior of ATS.  In order to make inbound and outbound
>>transparent proxy cache server , is there anybody help to provide a
>>workable config for reference?  Thank you!
>
>This would be a good place to start -
>http://archive.apachecon.com/na2013/presentations/27-Wednesday/A_Patchy_We
>b/16:15-Apache_Traffic_Server.pdf
>


Mime
View raw message