-------- Original Message --------

Subject: Re: [Shorewall-users] tproxy problem
Date: Thu, 30 Jun 2011 01:38:46 -0300
From: Ricardo Rios - Shorewall List <shorewall@malargue.gov.ar>
To: Shorewall Users <shorewall-users@lists.sourceforge.net>


On Wed, 29 Jun 2011 20:02:06 -0700, Tom Eastep wrote:

Thanks, Ricardo
Fix will be in 4.4.21.

On Jun 29, 2011, at 7:49 PM, Ricardo Rios - Shorewall List wrote:

On Wed, 29 Jun 2011 19:31:40 -0700, Tom Eastep wrote:

On Jun 29, 2011, at 6:55 PM, Ricardo Rios - Shorewall List wrote:
On Wed, 29 Jun 2011 18:47:21 -0700, Tom Eastep wrote:

No -- Your version of Shorewall is generating an invalid rule (note that there is no whitespace between TPROXY and --on-port). Which version are you running?

I am using Shorewall-

Try the attached patch:
patch /usr/share/shorewall/Shorewall/Tc.pm < TPROXY.patch

Patch working

shorewall show tc : 

57142 2917K TPROXY     tcp  --  eth5   *              tcp dpt:80 TPROXY redirect mark 0x3/0xffffffff


Thanks Tom.


All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
Shorewall-users mailing list

Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Hi Tom, sorry if i re-open this, i have another issue now, i dunno if is something of shorewall or the tproxy support.

After i follow http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY

i get alof of this logs in /var/log/firewall : http://pastebin.com/iLMG7xzM

what is weird, because says "lan2fw" but the destination IP is a public IP ?

Shorewall Dump > http://pastebin.com/ktWQBrDH


Thanks for your time Tom.