new documentation: IP_TRANSPARENT, is it correct?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: bert hubert <bert.hubert@powerdns.com>
To: netdev@vger.kernel.org
Subject: new documentation: IP_TRANSPARENT, is it correct?
Date: Fri, 21 Apr 2017 20:59:33 +0200	[thread overview]
Message-ID: <20170421185933.GF4183@server.ds9a.nl> (raw)

Hi everyone,

10 years after lartc.org I decided to document a little bit more of Linux
networking, and I hope I got it right. This email asks for your help in
making sure.

Recently I attempted to use IP_TRANSPARENT as outlined in
https://www.kernel.org/doc/Documentation/networking/tproxy.txt but I could
not figure out how it really worked from there (although I could copy paste
my way to some working code).  The web also mostly offered little in the way
of (correct) explanation.

I think I have it figured out by now, but I'm sure there are nuances I have
missed. I'm especially interested in understanding _exactly_ what the
IP_TRANSPARENT socket option does, because it appears somewhat arbitrary
right now:

"The IP_TRANSPARENT socket option enables:

* Binding to addresses that are not (usually) considered local
* Receiving connections and packets from iptables TPROXY redirected sessions"

https://ds9a.nl/tproxy/tproxy.md.html has somewhat prettified Markdown that
requires Javascript, plain Markdown is on
https://github.com/ahupowerdns/tproxydoc/blob/master/tproxy.md

If you could give this a read and a comment on things I got wrong, that
would be most appreciated. Pointers to other relevant documentation are also
very welcome.

Thanks!

	Bert

                 reply	other threads:[~2017-04-21 19:06 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170421185933.GF4183@server.ds9a.nl \
    --to=bert.hubert@powerdns.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.