On Wed, Jun 20, 2018 at 05:24:46PM +0200, Florian Westphal wrote: > > I think, it is a useful one. If I want to make proxy working only for web > > traffic this simple tproxy statement is sufficient: > > tcp dport 80 tproxy > > if the proxy software is listening on port 80. > > Yes, but in that case TPROXY isn't needed as all of it can > be done only by policy routing (i.e., use > tcp dport 80 mark set mark 0x1 > and add policy routing rule). > > > This use-case seems quite meaningful to me. > > Okay, but you don't need tproxy for this to work :-) > > tproxy is only needed if packet for destination port x should end up > with socket on destination port y. Indeed :) I'll remove it then. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
