On Mon, 2004-09-27 at 15:37, Jason Opperisano wrote:
> keep in mind that a side-effect of the REDIRECT "magic" is that the SYN
> does not go to; nor does the SYN-ACK come from, wum's IP address (as was
> evident from the tcpdump snippet provided).
>
> with the REDIRECT target, wum will pretend to be the destination web
> server from the perspective of the client and tor.
>
> all this being said--i couldn't tell from the OP why things weren't
> working.
>
> tcpdump anywhere and everywhere and you'll find the culprit.
>
> -j

hmmm...along those same lines--i just had a thought.  is it possible that
"rp_filter" on tor is blocking the packets from wum because "-j REDIRECT"
is making wum spoof the address of the destination web server?

on tor, check:

  sysctl -a | grep '\.rp_filter'
  sysctl -a | grep log_martians

try either (a) setting rp_filter=0 on the interface on tor that is
connected to wum, or (b) leave rp_filter=1 and set "log_martians=1" on
that interface on tor to see if rp_filter is; in fact, the culprit.

just a thought.

-j

=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
 I'd horsewhip you if I had a horse.
	-- Groucho Marx
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
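
The check suggested in the message above, as an added example that is not part of the original post: a read-only script that reports the effective rp_filter and log_martians state for one interface. It assumes the combining rules in the current kernel ip-sysctl documentation (rp_filter is the maximum of conf.all and the interface value, log_martians is on if either is set); the interface name eth1 and the CONF_ROOT override are placeholders introduced here.

```shell
#!/bin/sh
# Added example: effective rp_filter / log_martians for one interface.
# CONF_ROOT can point at a constructed tree instead of the live /proc.
CONF_ROOT="${CONF_ROOT:-/proc/sys/net/ipv4/conf}"

# read_knob <scope> <knob>: print the value, or 0 if it cannot be read.
read_knob() {
    if [ -r "$CONF_ROOT/$1/$2" ]; then cat "$CONF_ROOT/$1/$2"; else echo 0; fi
}

# Source validation uses the higher of conf.all and conf.<iface>.
effective_rp_filter() {
    all=$(read_knob all rp_filter); ifc=$(read_knob "$1" rp_filter)
    if [ "$all" -gt "$ifc" ]; then echo "$all"; else echo "$ifc"; fi
}

# Martian logging is on if either conf.all or conf.<iface> is non-zero.
effective_log_martians() {
    all=$(read_knob all log_martians); ifc=$(read_knob "$1" log_martians)
    if [ "$all" -ne 0 ] || [ "$ifc" -ne 0 ]; then echo 1; else echo 0; fi
}

# rp_filter_report <iface>: one-line verdict for the interface facing wum.
rp_filter_report() {
    rp=$(effective_rp_filter "$1"); lm=$(effective_log_martians "$1")
    if [ "$rp" -eq 0 ]; then
        echo "$1: rp_filter=0, reverse-path check is off (not the culprit)"
    elif [ "$lm" -eq 0 ]; then
        echo "$1: rp_filter=$rp active, log_martians=0, drops are silent"
    else
        echo "$1: rp_filter=$rp active, log_martians=1, look for 'martian source' in the kernel log"
    fi
}

# Usage: sh rpcheck.sh eth1   (eth1 is a placeholder interface name)
if [ $# -gt 0 ]; then rp_filter_report "$1"; fi
```

Because conf.all can raise the effective value, setting rp_filter=0 on the one interface has no effect while conf.all.rp_filter is still 1, which this script makes visible.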