Hello All,
I am trying to figure out a setup for an http proxy to send only
selected connections to the userland and forward the other
connections.
proxy
------
user
^
| GET /test1
|
client ---------- kernel ----------------all other requests
--------------> server
Anything that matches GET /test1 should be sent to user land to be
served by the proxy and the rest should be forwarded on to the origin
server.
Here is my iptables rule.
iptables -t mangle -A PREROUTING -p tcp --dport 80 -m string --string
"GET /test1" --algo bm -j QUEUE
Obviously this is not working, since the SYN/SYN-ACK is already been
processed so the connection is already set to the origin server. With
the above rule only GET packet is QUEUEd which doesnt help.
Whats a good way to set this up.
Any ideas ?
Thanks
-- Pranav
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
