I installed a TPROXY server on my router that forwards the traffic to a SOCKS5 server.
The router has the address 192.168.1.1 and my PC has the address 192.168.1.33. Also, I have a local bridge "virbr0" on the PC side that forwards traffic to a virtual machine, with the gateway address 192.168.11.1 and the peer address 192.168.11.2.
On the PC side:

    ip rule add fwmark 1088 table 100
    ip route add local default dev virbr0 table 100
    iptables -t mangle -A PREROUTING -i virbr0 -p tcp -j TPROXY -s 192.168.11.2 --on-ip 192.168.0.1 --on-port 1088 --tproxy-mark 1088

When I try to curl any IP from the virtual machine side (192.168.11.2), I get timeouts; looking at the Wireshark logs, any packet is forwarded from my PC to the router.
And when I change the address of "--on-ip" to 127.0.0.1 and run the TPROXY server locally, listening on 127.0.0.1:1088, everything works OK.
How can I make the TPROXY option in iptables "see" the external address of the router (192.168.1.1) and connect?
PS: I don't know if TPROXY was designed to work with non-local addresses when sending the packets, but I searched a lot on Google and I could see examples of TPROXY using non-local addresses; when I try to reproduce the examples, though, nothing works.