trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Saraswathi Venkataraman <saraswathi.venkatara...@Xoriant.Com>
Subject RE: Configuring traffic server on transparent proxy mode.
Date Thu, 07 Jun 2012 15:14:13 GMT
I flushed the iptables. This is what I have added to my iptables. I have the eth1 interface
of TS1 to the client and eth2 to the webserver routed as default gateway.

Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    MARK       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spt:80 MARK or 0x1
2    TPROXY     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 TPROXY redirect
0.0.0.0:8080 mark 0x1/0x1

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination

------------------------------

This is the result of ip rule list
0:      from all lookup local
32765:  from all fwmark 0x1/0x1 lookup 1
32766:  from all lookup main
32767:  from all lookup default

ip route show table 1
local default dev lo  scope host

What else must I do. The packets are coming in, and getting routed directly to the webserver
and getting the response. It is not going through trafficserver at all. Am I missing some
iptable routing?

Thanks & Regards
Saraswathi Venkataraman | Xoriant Solutions Pvt. Ltd.  
Winchester, Hiranandani Business Park, Powai, Mumbai 400076, INDIA. 
Tel: +91 22 30511000 | Ext: 1113 | http://www.xoriant.com


-----Original Message-----
From: Saraswathi Venkataraman [mailto:saraswathi.venkataraman@Xoriant.Com] 
Sent: Thursday, June 07, 2012 8:03 PM
To: users@trafficserver.apache.org
Subject: RE: Configuring traffic server on transparent proxy mode.

The packets are still not getting forwarded to the ATS port. It directly gets the response
from the server now today. Somehow the packets are not getting intercepted to ATS. I have
the same iprules routes and iptables as below. Anything I am missing.

Thanks & Regards
Saraswathi Venkataraman | Xoriant Solutions Pvt. Ltd.  
Winchester, Hiranandani Business Park, Powai, Mumbai 400076, INDIA. 
Tel: +91 22 30511000 | Ext: 1113 | http://www.xoriant.com


-----Original Message-----
From: Alan M. Carroll [mailto:amc@network-geographics.com] 
Sent: Thursday, June 07, 2012 8:31 AM
To: users@trafficserver.apache.org
Subject: Re: Configuring traffic server on transparent proxy mode.

Could you provide some information about what the end result you are looking for? E.g. where
are the clients, where are the origin servers / internet, which network paths should be transparent?

Unfortunately I am on vacation this week and so will not be particularly responsive.

My first comment would be that I have had not much success with using "socket" in my iptables
rules. I think --sport 80 is better. One problem is that SYN/ACK may not be considered on
a socket because it has not yet been established.

You seem to have a lot of rules in your ip rule list - why check for the all the interfaces
if you are also just checking on the firewall mark?

Tuesday, June 5, 2012, 10:46:25 AM, you wrote:

> This is the ifconfig for our machine. We are trying to configure tproxy again on our
machine. 


Mime
View raw message