extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-08-14 18:24:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Backport TPROXY from 4.5

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
2010-01-17 08:12:44 -08:00
parent 47007c5dbd
commit 07cdb8ca82
4 changed files with 72 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall/lib.base
View File

@ -29,7 +29,7 @@
# and /usr/share/shorewall-lite/shorecap.
#
SHOREWALL_LIBVERSION=40406
SHOREWALL_LIBVERSION=40407
SHOREWALL_CAPVERSION=40407
[ -n "${VARDIR:=/var/lib/shorewall}" ]
@ -814,6 +814,7 @@ determine_capabilities() {
MARK=
XMARK=
EXMARK=
TPROXY_TARGET=
MANGLE_FORWARD=
COMMENTS=
ADDRTYPE=
@ -925,6 +926,7 @@ determine_capabilities() {
qt $IPTABLES -t mangle -A $chain -j CLASSIFY --set-class 1:1 && CLASSIFY_TARGET=Yes
qt $IPTABLES -t mangle -A $chain -j IPMARK --addr src && IPMARK_TARGET=Yes
qt $IPTABLES -t mangle -A $chain -p tcp -j TPROXY --on-port 0 --tproxy-mark 1 && TPROXY_TARGET=Yes
qt $IPTABLES -t mangle -F $chain
qt $IPTABLES -t mangle -X $chain
qt $IPTABLES -t mangle -L FORWARD -n && MANGLE_FORWARD=Yes
@ -1030,6 +1032,7 @@ report_capabilities() {
report_capability "IPMARK Target" $IPMARK_TARGET
report_capability "LOG Target" $LOG_TARGET
report_capability "Persistent SNAT" $PERSISTENT_SNAT
report_capability "TPROXY Target" $TPROXY_TARGET
fi
[ -n "$PKTTYPE" ] || USEPKTTYPE=
@ -1090,6 +1093,7 @@ report_capabilities1() {
report_capability1 IPMARK_TARGET
report_capability1 LOG_TARGET
report_capability1 PERSISTENT_SNAT
report_capability1 TPROXY_TARGET
echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION