| Author |
Message |
puzzlement
Joined: 12 May 2007
Posts: 8
|
| Posted: Tue Jul 05, 2011 1:51 am Post subject: stunnel transparent proxying |
|
|
I am trying to set up stunnel's transparent proxying feature (see http://www.stunnel.org/static/stunnel.html and look for "enable transparent proxy support on selected platforms").
This involves a number of iptables rules, including:
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
This gives the error "iptables: No chain/target/match by that name."
The error refers to the "-m socket" part of the rule. Is there any way to make this work on Linodes (I am using Debian 6 64bit) or is it not built into the kernel? |
|
| Back to top |
|
puzzlement
Joined: 12 May 2007
Posts: 8
|
| Posted: Mon Jul 25, 2011 5:07 pm Post subject: |
|
|
It looks like this requires CONFIG_NETFILTER_TPROXY, which is not compiled into Linode kernels, or at least not into 2.6.39.1-x86_64-linode19
http://www.linode.com/src/ doesn't seem to have source for Linode's builds of any kernel after 2.6.35, so I can't build the module myself. |
|
| Back to top |
|
puzzlement
Joined: 12 May 2007
Posts: 8
|
| Posted: Mon Jul 25, 2011 5:26 pm Post subject: |
|
|
| Support tells me that their new kernels are built directly from kernel.org sources. |
|
| Back to top |
|
| |
