Le 04/04/2011 07:13, Brian G a écrit :
Hi, on Linux with netfilter: previously I could do "iptables -j
REDIRECT" to create a IPv4 transparent proxy. However, this is
unsupported on IPv6.
How can I achieve this? iptables6 removed the REDIRECT target because
it does not support Network Address Translation in IPv6.
I need the transparent proxy to work with IPv6 under Linux. How are
people doing this?
- Brian
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Hi,
you need at least, a 2.6.37 kernel with the tproxy module:
CONFIG_NETFILTER_TPROXY=m
CONFIG_NETFILTER_XT_TARGET_TPROXY=m
and the last iptables release:
root@test-jp-2:~# ip6tables -t mangle -nvL
Chain PREROUTING (policy ACCEPT 5584 packets, 416K bytes)
pkts bytes target prot opt in out source
destination
60 4400 DIVERT tcp * * ::/0
::/0 socket
0 0 TPROXY tcp * * ::/0
::/0 tcp dpt:80 TPROXY redirect :::50080 mark 0x1/0x1
Regards.
--
Jean-Philippe Menil - Pôle réseau Service IRTS
DSI Université de Nantes
jean-philippe.menil@xxxxxxxxxxxxxx
Tel : 02.53.48.49.27 - Fax : 02.53.48.49.09
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
