Bypassing TPROXY bridge intercept.
Hi all,

I have a question about bypassing TProxy intercept. I am using http://wiki.squid-cache.org/Features/Tproxy4 for transparent interception of SSL traffic. It works fine.

During operation of the tproxy interception, some sites that users connect to, like banking, when discovered are placed in the ebtables BROUTE table before the DROP rules (as explained in the Tproxy4 document) like this:

    # ebtables -t broute -L
    -p IPv4 --ip-src 220.127.116.11 --ip-proto tcp --ip-sport 443 -j ACCEPT
    -p IPv4 --ip-dst 18.104.22.168 --ip-proto tcp --ip-dport 443 -j ACCEPT
    etc.

This all works fine. My concern is when there is a huge amount of such destinations. Is there a way to put these tproxy bypass exceptions in its own separate table and how?

My other question is how to prevent the existing chain counters being zeroed when a new destination is added to the chain?

Daryl
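One way to hold the bypass entries in a dedicated chain, added here as an example and not part of the original post: the script prints (does not run) ebtables commands that create a user-defined chain in the broute table and fill it from a list of addresses. The chain name TPROXY_BYPASS, the sample addresses, and the choice to emit a source and a destination rule for each address are assumptions.

```shell
#!/bin/sh
# Added example: print (not run) ebtables commands that keep TPROXY bypass
# entries in one user-defined chain of the broute table.
# Assumptions: the chain name and the sample addresses below are constructed.
CHAIN="TPROXY_BYPASS"

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read one address per line on stdin ('#' comments and blank lines skipped);
# print the chain setup, then one src/dst ACCEPT pair per unique address.
gen_bypass_rules() {
    # RETURN policy: frames matching no entry fall back to BROUTING, where
    # the existing DROP (intercept) rules still see them.
    echo "ebtables -t broute -N $CHAIN -P RETURN"
    # Inserted at the head of BROUTING, i.e. before the DROP rules.
    echo "ebtables -t broute -I BROUTING -p IPv4 --ip-proto tcp -j $CHAIN"
    seen=" "
    while IFS= read -r line; do
        ip=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$ip" ] || continue
        if ! valid_ipv4 "$ip"; then
            echo "skipping invalid entry: $line" >&2
            continue
        fi
        case "$seen" in *" $ip "*) continue ;; esac   # drop duplicates
        seen="$seen$ip "
        echo "ebtables -t broute -A $CHAIN -p IPv4 --ip-src $ip --ip-proto tcp --ip-sport 443 -j ACCEPT"
        echo "ebtables -t broute -A $CHAIN -p IPv4 --ip-dst $ip --ip-proto tcp --ip-dport 443 -j ACCEPT"
    done
}

# Constructed sample list (documentation address ranges).
gen_bypass_rules <<'EOF'
192.0.2.10
198.51.100.7   # constructed entry
192.0.2.10
EOF
```

Review the printed commands before applying them as root; new destinations are then appended to the dedicated chain only, leaving the BROUTING rules themselves unchanged.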