Hi all,

I'm trying to set up an SSL transparent proxy, and I've seen very bizarre behavior on my system.

I've added two NAT rules to the PREROUTING chain, looking like this:

# iptables -L -v -t nat
Chain PREROUTING (policy ACCEPT 561 packets, 70236 bytes)
 pkts bytes target     prot opt in     out     source       destination
   20  1280 REDIRECT   tcp  --  ppp0   any     anywhere     anywhere     tcp dpt:4309 redir ports 4443
    8   512 REDIRECT   tcp  --  ppp0   any     anywhere     anywhere     tcp dpt:https redir ports 4443

So I've got a listener on port 4443, accepting connections from both ports 443 and 4309.

When I'm doing the first recv() in my accepting server, I get the incoming connections to port 443 very well, BUT:

Incoming connections to port 4309 get *3 extra bytes* at the beginning of the connection (maybe also in subsequent packets, but I haven't had the chance to see this data yet...)

The first 3 bytes I'm getting are:
0x00 0x01 0x05

My machine is an up-to-date Ubuntu 9.10 (karmic), and the packets are coming from a client connected through pptpd.

Does anyone have a clue?
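A diagnostic sketch for the setup described in the post, added here as an example and not part of the original message: on each connection accepted on the REDIRECT target port, it reads the pre-NAT destination with SO_ORIGINAL_DST and peeks at the first bytes to report where a TLS handshake record actually starts. The function names and the sample bytes are assumptions made for illustration, as is the premise that the client on port 4309 speaks TLS.

```python
import socket
import struct

SO_ORIGINAL_DST = 80  # from <linux/netfilter_ipv4.h>

def parse_original_dst(raw):
    """Decode the 16-byte sockaddr_in returned for SO_ORIGINAL_DST."""
    port, addr = struct.unpack("!2xH4s8x", raw[:16])
    return socket.inet_ntoa(addr), port

def find_tls_record(buf):
    """Offset of the first plausible TLS handshake record header, or -1.

    Matches type 0x16, version 3.x, length <= 2^14. An SSLv2-format
    hello is not recognised by this check.
    """
    for i in range(len(buf) - 4):
        ctype, major, minor, length = struct.unpack_from("!BBBH", buf, i)
        if ctype == 0x16 and major == 3 and minor <= 4 and 0 < length <= 16384:
            return i
    return -1

def inspect(conn):
    """Peek at a freshly accepted, REDIRECTed connection without consuming data."""
    raw = conn.getsockopt(socket.SOL_IP, SO_ORIGINAL_DST, 16)
    head = conn.recv(64, socket.MSG_PEEK)
    off = find_tls_record(head)
    prefix = head[:off] if off > 0 else b""
    return parse_original_dst(raw), off, prefix.hex()

# Constructed sample: the three bytes reported in the post followed by a
# made-up TLS 1.0 handshake record header and the ClientHello type byte.
SAMPLE_4309 = bytes([0x00, 0x01, 0x05, 0x16, 0x03, 0x01, 0x00, 0x2F, 0x01])
SAMPLE_443 = SAMPLE_4309[3:]

# Constructed sockaddr_in for 192.0.2.10:4309 (documentation address).
SAMPLE_DST = (struct.pack("=H", socket.AF_INET) + struct.pack("!H", 4309)
              + socket.inet_aton("192.0.2.10") + b"\x00" * 8)

if __name__ == "__main__":
    print(parse_original_dst(SAMPLE_DST))
    print(find_tls_record(SAMPLE_4309), find_tls_record(SAMPLE_443))
```

Calling inspect() right after accept() and logging its result per original destination port shows whether the prefix appears only on connections redirected from 4309.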