Re: debug iptables rules

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Amos Jeffries <squid3@treenet.co.nz>
To: "Rob Sterenborg (Lists)" <lists@sterenborg.info>
Cc: TEJAS <tsevak@gmail.com>, netfilter@vger.kernel.org
Subject: Re: debug iptables rules
Date: Fri, 26 Aug 2011 04:16:35 +1200	[thread overview]
Message-ID: <4E567563.20505@treenet.co.nz> (raw)
In-Reply-To: <1314125087.2486.61.camel@kushiel.sterenborg.info>

On 24/08/11 06:44, Rob Sterenborg (Lists) wrote:
> On Tue, 2011-08-23 at 20:05 +0530, TEJAS wrote:
>> Hi,
>>
>> I set log rule for port 80 traffic logging and it is working fine. And
>> i want to log tproxy rule which is redirect traffic from port 80 to
>> port 3129 (squid tproxy). So for that what will be LOG rule for this?
>
> [snip]
>
>> Actually i want to see packet redirect from port 80 to port 3129.
>>
>> What is the use of socket match?I try to find from google and also
>> read some document , but i am not having any good understanding for
>> it.So kindly guide me that what is the use of socket match and how's
>> TPROXY match works?
>
> Sorry, can't help you there so maybe someone else can jump in: I've
> never used the socket match or TPROXY target. (According to what I just
> read the socket match replaced the tproxy match. I suppose you took your
> experiment from https://lwn.net/Articles/252545/ because it looks the
> same.)

A squid wiki cut-n-paste job.

   TPROXY rule is capturing packets to port 80 into squid port 3129.
   DIVERT is preventing packets leaving the squid from being captured.

Log marked packets after TPROXY rule to see the packets entering squid.
Log marked packets after the DIVERT sub-chain MARK rule to see packets 
exiting squid.

AYJ

next prev parent reply	other threads:[~2011-08-25 16:16 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CA+b04XnYFUcukqbmQXiKbY4VjUaFs3red56Jfnzm4pj+z6ndRw@mail.gmail.com>
2011-08-22 15:10 ` debug iptables rules TEJAS
2011-08-22 15:30   ` Rob Sterenborg (Lists)
2011-08-22 15:53     ` TEJAS
2011-08-22 16:13       ` Rob Sterenborg (Lists)
2011-08-22 18:04         ` TEJAS
2011-08-23  9:08           ` Rob Sterenborg (Lists)
2011-08-23 14:35             ` TEJAS
2011-08-23 18:44               ` Rob Sterenborg (Lists)
2011-08-25 16:16                 ` Amos Jeffries [this message]
2011-08-23  8:18         ` Erik Schorr
2011-08-23 10:29           ` Jan Engelhardt
2011-08-22 20:53   ` fuzzy_4711

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E567563.20505@treenet.co.nz \
    --to=squid3@treenet.co.nz \
    --cc=lists@sterenborg.info \
    --cc=netfilter@vger.kernel.org \
    --cc=tsevak@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox