I think I have TPROXY working but running into some issues.
Checking my logs all my traffic shows up as a TCP_MISS
1236698452.579 79 66.78.98.194 TCP_MISS/200 542 GET
http://l1.zedo.com//log/p.gif? - DIRECT/72.247.244.10 image/gif
1236698452.634 293 66.78.98.194 TCP_MISS/200 4972 GET
http://blstb.msn.com/i/9B/DDD13A38CB8B34F4DFA3F7BFFF71.jpg -
DIRECT/192.221.114.124 image/jpeg
1236698452.878 100 66.78.98.194 TCP_MISS/200 1076 GET
http://h.foxsports.com/HG? - DIRECT/64.154.81.231 image/gif
1236698453.367 252 66.78.98.194 TCP_MISS/200 1368 GET
http://www.myinternetservices.com/live/visitor/index.php? -
DIRECT/72.232.167.111 image/gif
1236698454.087 13 66.78.98.194 TCP_MISS/200 812 GET
http://weyedata.pelmorex.com/WeatherEye/ObsData/CAON0090.xml -
DIRECT/207.96.160.37 text/xml
1236698455.251 116 66.78.98.194 TCP_MISS/200 1368 GET
http://www.myinternetservices.com/live/visitor/index.php? -
DIRECT/72.232.167.111 image/gif
1236698456.570 6451 66.78.98.194 TCP_MISS/200 45898 GET
http://www.facebook.com/profile.php? - DIRECT/69.63.176.140 text/html
1236698456.876 77 66.78.98.194 TCP_MISS/200 2765 GET
http://profile.ak.facebook.com/v227/2005/50/q638320646_36.jpg -
DIRECT/209.170.91.178 image/jpeg
My iptables is the following
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t mangle -N DIVERT
/sbin/iptables -t mangle -A DIVERT -j MARK --set-mark 1
/sbin/iptables -t mangle -A DIVERT -j ACCEPT
/sbin/iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY
--tproxy-mark 0x1/0x1 --on-port 3129
//
any idea why I am not getting any TCP_HITS? ...
--
=-=-=-=-=-=-=-=-=-=-=-=-=
Jamie Orzechowski - CCNA
RipNET Ltd. System/Network Administrator
Tel.: 613-342-3946 x294
THIS MESSAGE IS INTENDED ONLY FOR THE ADDRESSEE,
IT MAY CONTAIN PRIVILEGED OR CONFIDENTIAL INFORMATION.
ANY UNAUTHORIZED DISCLOSURE IS STRICTLY PROHIBITED.
IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR,
PLEASE NOTIFY ME IMMEDIATELY SO THAT I MAY CORRECT MY
INTERNAL RECORDS. PLEASE THEN DELETE THE ORIGINAL MESSAGE.
=-=-=-=-=-=-=-=-=-=-=-=-=