On Wed, 29 Jun 2011 19:31:40 -0700, Tom Eastep wrote:

On Jun 29, 2011, at 6:55 PM, Ricardo Rios - Shorewall List wrote:
On Wed, 29 Jun 2011 18:47:21 -0700, Tom Eastep wrote:

No -- Your version of Shorewall is generating an invalid rule (note that there is no whitespace between TPROXY and --on-port). Which version are you running?

I am using Shorewall-

Try the attached patch:
patch /usr/share/shorewall/Shorewall/Tc.pm < TPROXY.patch

Patch working

shorewall show tc : 

57142 2917K TPROXY     tcp  --  eth5   *              tcp dpt:80 TPROXY redirect mark 0x3/0xffffffff


Thanks Tom.