-------- Original Message --------

Subject: Re: [Shorewall-users] tproxy problem
Date: Thu, 30 Jun 2011 01:38:46 -0300
From: Ricardo Rios - Shorewall List <shorewall@malargue.gov.ar>
To: Shorewall Users <shorewall-users@lists.sourceforge.net>

 

On Wed, 29 Jun 2011 20:02:06 -0700, Tom Eastep wrote:

Thanks, Ricardo
Fix will be in 4.4.21.
-Tom

On Jun 29, 2011, at 7:49 PM, Ricardo Rios - Shorewall List wrote:


On Wed, 29 Jun 2011 19:31:40 -0700, Tom Eastep wrote:


On Jun 29, 2011, at 6:55 PM, Ricardo Rios - Shorewall List wrote:
On Wed, 29 Jun 2011 18:47:21 -0700, Tom Eastep wrote:

No -- Your version of Shorewall is generating an invalid rule (note that there is no whitespace between TPROXY and --on-port). Which version are you running?

I am using Shorewall-4.4.20.3

Try the attached patch:
patch /usr/share/shorewall/Shorewall/Tc.pm < TPROXY.patch
-Tom

Patch working

shorewall show tc : 

57142 2917K TPROXY     tcp  --  eth5   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 TPROXY redirect 0.0.0.0:3128 mark 0x3/0xffffffff

 

Thanks Tom.

 

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Hi Tom, sorry if i re-open this, i have another issue now, i dunno if is something of shorewall or the tproxy support.

After i follow http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY

i get alof of this logs in /var/log/firewall : http://pastebin.com/iLMG7xzM

what is weird, because says "lan2fw" but the destination IP is a public IP ?

Shorewall Dump > http://pastebin.com/ktWQBrDH

 

Thanks for your time Tom.