trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saraswathi Venkataraman <saraswathi.venkatara...@Xoriant.Com>
Subject RE: Configuring traffic server on transparent proxy mode.
Date Tue, 05 Jun 2012 15:46:25 GMT
This is the ifconfig for our machine. We are trying to configure tproxy again on our machine.


eth0      Link encap:Ethernet  HWaddr 2C:76:8A:53:C8:DC
          inet addr:192.168.115.100  Bcast:192.168.115.255  Mask:255.255.255.0
          inet6 addr: fe80::2e76:8aff:fe53:c8dc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16125 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7367 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1700374 (1.6 MiB)  TX bytes:4829093 (4.6 MiB)
          Interrupt:32

eth1      Link encap:Ethernet  HWaddr 2C:76:8A:53:C8:DD
          inet6 addr: fe80::2e76:8aff:fe53:c8dd/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2280896 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12838 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:187005928 (178.3 MiB)  TX bytes:1389503 (1.3 MiB)
          Interrupt:36

eth1.796  Link encap:Ethernet  HWaddr 2C:76:8A:53:C8:DD
          inet addr:10.60.255.254  Bcast:10.60.255.255  Mask:255.255.0.0
          inet6 addr: fe80::2e76:8aff:fe53:c8dd/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2271924 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12808 errors:0 dropped:6 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:136291894 (129.9 MiB)  TX bytes:1278148 (1.2 MiB)

eth1.798  Link encap:Ethernet  HWaddr 2C:76:8A:53:C8:DD
          inet addr:10.61.255.254  Bcast:10.61.255.255  Mask:255.255.0.0
          inet6 addr: fe80::2e76:8aff:fe53:c8dd/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:275 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:14906 (14.5 KiB)  TX bytes:2493 (2.4 KiB)

eth2      Link encap:Ethernet  HWaddr 2C:76:8A:53:C8:DE
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:32

eth3      Link encap:Ethernet  HWaddr 2C:76:8A:53:C8:DF
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:36

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:49707 errors:0 dropped:0 overruns:0 frame:0
          TX packets:49707 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:11216523 (10.6 MiB)  TX bytes:11216523 (10.6 MiB)

Output of ip rule list is: 
0:      from all lookup local
32756:  from all fwmark 0x1 lookup 100
32757:  from all fwmark 0x1 iif eth2 lookup 100
32758:  from all fwmark 0x1/0x1 lookup 1
32759:  from all fwmark 0x1 lookup 1
32760:  from all fwmark 0x1 iif eth3 lookup 100
32764:  from all fwmark 0x1 iif eth0 lookup 100
32765:  from all fwmark 0x1 iif eth1 lookup 100
32766:  from all lookup main
32767:  from all lookup default

And iptables -t mangle --list is:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
DIVERT     tcp  --  anywhere             anywhere            socket
TPROXY     tcp  --  anywhere             anywhere            tcp dpt:http TPROXY redirect
0.0.0.0:8080 mark 0x1/0x1

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain DIVERT (1 references)
target     prot opt source               destination
MARK       all  --  anywhere             anywhere            MARK set 0x1
ACCEPT     all  --  anywhere             anywhere

Is there anything wrong with this?

Thanks & Regards
Saraswathi Venkataraman | Xoriant Solutions Pvt. Ltd.  
Winchester, Hiranandani Business Park, Powai, Mumbai 400076, INDIA. 
Tel: +91 22 30511000 | Ext: 1113 | http://www.xoriant.com

-----Original Message-----
From: Alan M. Carroll [mailto:amc@network-geographics.com] 
Sent: Thursday, May 24, 2012 6:59 PM
To: Saraswathi Venkataraman
Subject: Re: Configuring traffic server on transparent proxy mode.

That's all I have in my iptables on my test box and it works in forward transparent mode.

Thursday, May 24, 2012, 7:00:16 AM, you wrote:

> What exactly should I follow?
> Just these two will do?

> iptables -t mangle -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j TPROXY \
>    --on-ip 0.0.0.0 --on-port 8080 --tproxy-mark 1/1

> iptables -t mangle -A PREROUTING -i eth0 -p tcp -m tcp --sport 80 -j MARK --set-mark
1/1


Mime
View raw message