On Friday 2012-07-13 14:59, SamLT wrote: >I've been playing with TPROXY with squid3, and it's working fine so far, >but there is one thing (at least!) i do not understand: > >if I use it with, e.g., --on-port 3129, for packet matching 'tcp dport >80', it then ends up in the INPUT chain, but still on tcp dport 80 (*) > >squid3 is listening on tcp port 3129, so how does it get there? tproxy does the socket lookup and assigns it to the skb before the normal TCP code would. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
