iptables TPROXY rule to proxy outgoing traffic

I'm trying to implement a transparent proxy that will intercept outgoing connections and forward them to the destination afterwards. I have found this iptables tproxy rule:

sudo iptables -t mangle -A PREROUTING -p tcp --dport 9002 -j TPROXY --tproxy-mark 0x1/0x1 --on-port 9001 

to divert outgoing connections destined for port 9002 to my proxy application listening on port 9001. This works well and my proxy receives the connection when a local client tries to connect to a local server as:

./client 127.0.0.1 9002 

My proxy application then accesses the original ip:port information (which is 127.0.0.1:9002 in this case) by setting the SOL_IP property as:

setsockopt(socketfd, SOL_IP, IP_TRANSPARENT, &yes, sizeof(yes));

However, when the client tries to connect to a remote server (./client remote_ip 9002) listening on port 9002, my proxy application does not get the connection. I think I need to use tproxy, as otherwise my proxy application cannot learn about the real destination of this connection, which is necessary to forward the connection.


Category: iptables Time: 2016-07-29 Views: 0
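
The listener side of the setup described in the question, as an added example that is not part of the original post: a TCP listener that requests IP_TRANSPARENT and reads the address each client dialed from the accepted socket with getsockname(). It assumes Linux, CAP_NET_ADMIN for IP_TRANSPARENT, and the policy routing from the kernel's TPROXY documentation (packets with fwmark 1 routed to a local table) in addition to the rule above; the function names make_listener and local_endpoint are made up for this example.

```c
/* Added example: listener for connections diverted by the TPROXY rule. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Create a TCP listener on `port`. IP_TRANSPARENT lets the socket accept
 * connections addressed to non-local IPs; it needs CAP_NET_ADMIN, so the
 * outcome is reported in *transparent instead of being treated as fatal. */
int make_listener(unsigned short port, int *transparent)
{
    int yes = 1;
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_port = htons(port) };
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes));
    *transparent = setsockopt(fd, SOL_IP, IP_TRANSPARENT, &yes, sizeof(yes)) == 0;
    /* sin_addr is zero-initialised, i.e. INADDR_ANY */
    if (bind(fd, (struct sockaddr *)&a, sizeof(a)) < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Write the socket's local address as "ip:port". On a connection delivered
 * by TPROXY the local address of the accepted socket is the address the
 * client dialed, so this is where the real destination comes from. */
int local_endpoint(int fd, char *out, size_t len)
{
    struct sockaddr_in a;
    socklen_t alen = sizeof(a);
    char ip[INET_ADDRSTRLEN];
    if (getsockname(fd, (struct sockaddr *)&a, &alen) < 0) return -1;
    if (!inet_ntop(AF_INET, &a.sin_addr, ip, sizeof(ip))) return -1;
    snprintf(out, len, "%s:%u", ip, (unsigned)ntohs(a.sin_port));
    return 0;
}

int main(void)
{
    int tp, c, fd = make_listener(9001, &tp); /* 9001 = --on-port in the rule */
    char dst[64];
    if (fd < 0) { perror("listener"); return 1; }
    printf("IP_TRANSPARENT %s\n", tp ? "set" : "not set (needs CAP_NET_ADMIN)");
    while ((c = accept(fd, NULL, NULL)) >= 0) {
        if (local_endpoint(c, dst, sizeof(dst)) == 0) printf("client dialed %s\n", dst);
        close(c);
    }
    return 0;
}
```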
