I would like to ask what happens internally when redirecting using Tproxy.

iptables -t mangle -A PREROUTING -p tcp --dport 443 -j TPROXY --tproxy-mark 1 --on-port 40001

It is located in PREROUTING in the mangle table of iptables.

As far as I know, the routing decision is made after the PREROUTING chain.

When redirecting using Tproxy as above, does the packet go through the ip rule & routing table? Or does it go directly to the local 40001 port?

hybang

1 Answer

I have the same problem.
I want to know what happens, because I find that if I use TPROXY, the routing table looks like it does not work.

Chain PREROUTING (policy ACCEPT 887 packets, 200K bytes)
 pkts bytes target     prot opt in     out     source               destination
  20M 4462M TPROXY_SRV_eth3.1  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain TPROXY_SRV_eth3.1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
  225 14048 TPROXY     tcp  --  eth3.1 *       0.0.0.0/0            172.168.2.0/24       tcp dpt:8000 TPROXY redirect 172.168.2.3:8000 mark 0x1/0x1

The route table for fwmark 1 looks like this:

local default dev lo scope host

The IP rules are:

0:  from all lookup local
1:  from all fwmark 0x1 lookup 1
10: from all fwmark 0x29 lookup 41
10: from all fwmark 0xc lookup test
32766:  from all lookup main
32767:  from all lookup default

I found that the packet does not go through table 1, because I can't capture it with tcpdump.
Can anyone help me?

han
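An added example, not part of either post: the TPROXY target only sets the mark and picks the local socket, and the routing decision after PREROUTING still walks the ip rule list, so the sketch below models that walk for the rules in the answer. It is a simplified model (fwmark selectors and longest-prefix match only); apart from table 1, the table contents and the address 172.168.2.1 are constructed assumptions.

```python
import ipaddress

FULL = 0xFFFFFFFF  # "fwmark 0x1" with no "/mask" compares the whole 32-bit mark

# ip rule list from the answer: (priority, fwmark, mask, table)
RULES = [
    (0, None, None, "local"),
    (1, 0x1, FULL, "1"),
    (10, 0x29, FULL, "41"),
    (10, 0xC, FULL, "test"),
    (32766, None, None, "main"),
    (32767, None, None, "default"),
]

# Routes per table as (prefix, route type). Only table 1 comes from the page.
TABLES = {
    "local": [("172.168.2.1/32", "local")],   # constructed: the box's own address
    "1": [("0.0.0.0/0", "local")],            # page: local default dev lo scope host
    "41": [], "test": [], "default": [],      # contents not shown on the page
    "main": [("172.168.2.0/24", "unicast")],  # constructed: connected subnet
}


def tproxy_mark(mark, value=0x1, mask=0x1):
    """Packet mark after '-j TPROXY --tproxy-mark value/mask'."""
    return (mark & ~mask & FULL) ^ value


def lookup(dst, mark):
    """Walk the rules in priority order; return (table, route type) of the first hit."""
    addr = ipaddress.ip_address(dst)
    for _prio, fwmark, mask, table in RULES:
        if fwmark is not None and (mark ^ fwmark) & mask:
            continue  # fwmark selector does not match this packet
        hits = []
        for prefix, rtype in TABLES[table]:
            net = ipaddress.ip_network(prefix)
            if addr in net:
                hits.append((net.prefixlen, rtype))
        if hits:
            # longest prefix wins inside one table
            return table, max(hits, key=lambda h: h[0])[1]
        # no route in this table: fall through to the next rule
    return None, "unreachable"


if __name__ == "__main__":
    for start in (0x0, 0x28):  # 0x28: a mark set earlier by some other rule
        m = tproxy_mark(start)
        print(hex(start), "->", hex(m), lookup("172.168.2.3", m))
```

A packet that already carries other mark bits ends up with a mark such as 0x29, which the exact-match rule `fwmark 0x1` skips; `ip rule` also accepts the form `fwmark 0x1/0x1` to compare only that bit.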