Hi, I wrote an HTTP proxy. I used the iptables REDIRECT functionality to get all my connection hi-jacked by the proxy. I then also use iptables for accounting and for this; I need to know the original destination port of the connection. That was easily done with kernel2.2 ipchains using getpeername() function. Now inside the kernel2.4 I parse the /proc/net/ip_conntrack file. But what I have found is that sometimes, quite often actually, the entry for the existing connection that the proxy is dealing with, there's no entry inside the ip_conntrack file. Because I did receive HTTP data over that connection, I would have assumed to have an entry with [ASSURED] and use=1 inside the ip_conntrack but that is not the case. I did a print of the whole file when my code doesn't find an entry in order to have parse the file myself and see if the code was or not problem but the entry was not there either. As anyone have seen such behavior while using REDIRECT and attempting to retrieve the original destination port? My test setup is running over kernel 2.4.26 -- Yannick Koehler
