> have you try my last hints ? > I'm using fc4 , then upgrade it to kernel 2.6.15.7 ( did you use fc5 ? then > I could be some problem to downgrade from original 2.6.16 to 2.6.15 ?) & > patch cttproxy-2.6.15-2.0.4.tar.gz I try to pacth iptables-1.3.0 with unsunccessfully results. THE SOLUTION: ;D Sunil I have been solved the problems of tproxy(If i have been able to implement it you will be must able ;) First of all, I have Gentoo GNU/Linux :) The steps to implement tproxy are the followings: - Downolad kernel-2.6.16 from kernel.org and patch it with: http://people.balabit.hu/hidden/tproxy2-2.6.16_20060727.tar.bz2 (this is not-officially released but works fine), compile it as a module. - Download iptables-1.3.5.tar.gz from netfilter.org. to install it: make KERNEL_DIR=<your kernel with tproxy support> make install - Copy your /usr/local/lib/iptables to /lib/iptables - Download squid2.6STABLE2 and: ./configure --enable-linux-tproxy --enable-linux-netfilter && make all && make install - Check squid.conf: http_port 3128 tproxy transparent - Add a rule for iptables: iptables -t tproxy -A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3128 --on-ip 0.0.0.0 - to check it: Try to use squid in daemonize mode. Debug mode looks like spoofing fail. Use a sniffer like ethereal or others. Regards, Angel Mieres. -- Angel Mieres - amieres@xxxxxxxxxxxxxxxxxx ///////////////////////////////////////// Gentoo has you...
