Displaying 20 results from an estimated 1000 matches similar to: "[Bug 1310] New: syntax issue with tproxy"
2019 Oct 15
2
Attempting to use tproxy on Centos 8 fails with 'No such file or directory'
I was working on a haproxy transparent proxy setup that we had working
on Centos 7 (iptables), but running into issues getting tproxy working
with NFTables on Centos 8.
>From https://www.kernel.org/doc/Documentation/networking/tproxy.txt,
It should be a matter of:
# nft add table filter
# nft add chain filter divert "{ type filter hook prerouting priority -150; }"
# nft add rule
2019 Oct 15
1
Attempting to use tproxy on Centos 8 fails with 'No such file or directory'
On 10/15/19 9:16 PM, Nathan Coulson wrote:
> On 2019-10-15 12:12 p.m., Nathan Coulson wrote:
>> I was working on a haproxy transparent proxy setup that we had working
>> on Centos 7 (iptables), but running into issues getting tproxy working
>> with NFTables on Centos 8.
>>
>> From https://www.kernel.org/doc/Documentation/networking/tproxy.txt,
>>
>> It
2019 Oct 15
0
Attempting to use tproxy on Centos 8 fails with 'No such file or directory'
On 2019-10-15 12:12 p.m., Nathan Coulson wrote:
> I was working on a haproxy transparent proxy setup that we had working
> on Centos 7 (iptables), but running into issues getting tproxy working
> with NFTables on Centos 8.
>
> From https://www.kernel.org/doc/Documentation/networking/tproxy.txt,
>
> It should be a matter of:
>
> # nft add table filter
> # nft add
2023 Jun 02
3
[Bug 1686] New: Transparent proxy support requires transport protocol match
https://bugzilla.netfilter.org/show_bug.cgi?id=1686
Bug ID: 1686
Summary: Transparent proxy support requires transport protocol
match
Product: nftables
Version: git (please specify your HEAD)
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
2010 Jun 15
4
TPROXY configuration
I''m trying to get TPROXY / Squid running and I have a few questions...
I found this page:
http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY
However, it doesn''t explain what I''m seeing in the configuration.
For the zone file, do I keep my loc and net configurations and just add
the following to the file?
- lo - -
or do I remove the loc and net zones and
2020 Jan 16
2
[Bug 1398] New: tproxy rule is not matched for ip6
https://bugzilla.netfilter.org/show_bug.cgi?id=1398
Bug ID: 1398
Summary: tproxy rule is not matched for ip6
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
2017 Aug 08
1
CentOS6, IP6tables, Routing, TPROXY (squid34 epel package)
Hello,
how do achieve this:
how must files /etc/sysconfig/network-scripts/ look like to be the same as
entering the following two commands ...
ip -f inet6 rule add fwmark 1 lookup 100
ip -f inet6 route add local ::/0 dev lo table 100
is there the localhost device lo correct, or does it have to be br0?
e.g.
a file route-br0 with
192.168.1.0/24 via 10.10.10.1 dev br0
does the routing to the
2020 Apr 10
15
[Bug 1422] New: iptables-nft fails to check / delete rules in raw table
https://bugzilla.netfilter.org/show_bug.cgi?id=1422
Bug ID: 1422
Summary: iptables-nft fails to check / delete rules in raw
table
Product: iptables
Version: 1.6.x
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
Component: iptables
2012 May 08
19
Shorewall, TPROXY, Transparent Squid and Multiples ISP
Hello,
I wonder if someone could use the TPROXY with Shorewall and
transparent Squid with using the routing rules on shorewall
(tcrules) for hosts / networks (LAN) with multiples providers (WANs)
directly from the internal network on port 80 (with TPROXY
transparent squid or REDIRECT).
On this issue, the routing rules is not work propertly because the
source is the
2016 Mar 08
4
[Bug 1057] New: Allow for multiple protocols to be specified in a rule
https://bugzilla.netfilter.org/show_bug.cgi?id=1057
Bug ID: 1057
Summary: Allow for multiple protocols to be specified in a rule
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at
2019 Oct 07
4
[Bug 1368] New: The "meta's"
https://bugzilla.netfilter.org/show_bug.cgi?id=1368
Bug ID: 1368
Summary: The "meta's"
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2013 Apr 26
0
TPROXY/IPv6: Documentation bugs?
In working through an IPv6/TPROXY issue I had, I believe I found a
documentation bug:
http://www.shorewall.net/manpages6/shorewall6-tcrules.html
In the ACTION section, for part 12. SAME:
The documentation lists:
#ACTION SOURCE DEST PROTO DEST
# PORT(S)
SAME:P 192.168.1.0/24 0.0.0.0/0 tcp
2019 Sep 05
4
[Bug 1364] New: nft list outputs mark rules with boolean or in a form that can be parsed by nft -f
https://bugzilla.netfilter.org/show_bug.cgi?id=1364
Bug ID: 1364
Summary: nft list outputs mark rules with boolean or in a form
that can be parsed by nft -f
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
2011 Mar 31
3
[PATCH RESEND] net: convert xen-netfront to hw_features
Not tested in any way. The original code for offload setting seems broken
as it resets the features on every netback reconnect.
This will set GSO_ROBUST at device creation time (earlier than connect time).
RX checksum offload is forced on - so advertise as it is.
Signed-off-by: Micha? Miros?aw <mirq-linux at rere.qmqm.pl>
---
[I don't know Xen code enough to say this is correct. There
2011 Mar 31
3
[PATCH RESEND] net: convert xen-netfront to hw_features
Not tested in any way. The original code for offload setting seems broken
as it resets the features on every netback reconnect.
This will set GSO_ROBUST at device creation time (earlier than connect time).
RX checksum offload is forced on - so advertise as it is.
Signed-off-by: Micha? Miros?aw <mirq-linux at rere.qmqm.pl>
---
[I don't know Xen code enough to say this is correct. There
2011 Mar 31
3
[PATCH RESEND] net: convert xen-netfront to hw_features
Not tested in any way. The original code for offload setting seems broken
as it resets the features on every netback reconnect.
This will set GSO_ROBUST at device creation time (earlier than connect time).
RX checksum offload is forced on - so advertise as it is.
Signed-off-by: Micha? Miros?aw <mirq-linux at rere.qmqm.pl>
---
[I don't know Xen code enough to say this is correct. There
2017 Nov 24
8
[PATCH 00/13] remove_conflicting_framebuffers() cleanup
This series cleans up duplicated code for replacing firmware FB
driver with proper DRI driver and adds handover support to
Tegra driver.
The last patch is here because it uses new semantics of
remove_conflicting_framebuffers() from this series. This
can be considered independently, though.
---
Micha? Miros?aw (13):
fbdev: show fbdev number for debugging
fbdev: add
2017 Nov 24
8
[PATCH 00/13] remove_conflicting_framebuffers() cleanup
This series cleans up duplicated code for replacing firmware FB
driver with proper DRI driver and adds handover support to
Tegra driver.
The last patch is here because it uses new semantics of
remove_conflicting_framebuffers() from this series. This
can be considered independently, though.
---
Micha? Miros?aw (13):
fbdev: show fbdev number for debugging
fbdev: add
2018 Sep 01
17
[PATCH v3 00/13] remove_conflicting_framebuffers() cleanup
This series cleans up duplicated code for replacing firmware FB
driver with proper DRI driver and adds handover support to
Tegra driver.
This is a sligtly updated version of a series sent on 24 Nov 2017.
---
v2:
- rebased on current drm-next
- dropped staging/sm750fb changes
- added kernel docs for DRM helpers
v3:
- move kerneldoc to fbdev, where functions are implemented
- split kerneldoc
2018 Sep 01
17
[PATCH v3 00/13] remove_conflicting_framebuffers() cleanup
This series cleans up duplicated code for replacing firmware FB
driver with proper DRI driver and adds handover support to
Tegra driver.
This is a sligtly updated version of a series sent on 24 Nov 2017.
---
v2:
- rebased on current drm-next
- dropped staging/sm750fb changes
- added kernel docs for DRM helpers
v3:
- move kerneldoc to fbdev, where functions are implemented
- split kerneldoc