[Pauldotcom] transparent proxy and iptables failing
dninja at gmail.com
Wed Oct 7 22:04:20 UTC 2009
2009/10/7 Ben Greenfield <bcg at struxural.com>:
> I don't see why you would net ebtables for this, I do this with
> iptables and bridge-utils without a problem. I'm curious what your
> routing table looks like, as for my setup the routing is integral to
> this, and it didn't work until I added what seemed like a gratuitous
> route to me. I just looked at my config, and other than the bridge
> name I'm using an identical IP tables command. If you want I'd be
> happy to provide the script that controls my iptables firewall that
> has a virtual DMZ, WAN, and LAN interfaces.
> Do you mind posting the output of /sbin/route? It will probably help
> us figure this out.
I've ran out of time to do this today so will have to come back to it
tomorrow but the routing on a machine on both sides of the bridge is
just a normal default route and the device doesn't have a route setup
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.0.254 0.0.0.0 UG 0 0 0 eth0
I agree that this should all work so it is probably just something
daft. I've built the physdev module and got it installed but not
tested it yet, hopefully that will solve things.
Are there any basic tests anyone can suggest that I can work through
to try to debug this?
More information about the Pauldotcom