Carlo,
Sorry got busy and forgot to post back to you, I was going to ask whats your output from :
iptables -L -t mangle
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
MARK tcp -- 192.168.2.0/24 anywhere tcp
dpt:http MARK set 0x1
DIVERT tcp -- anywhere anywhere socket
Is the divert to socket in place?
2009/5/11 Carlo Granisso <c.granisso#dnshosting.it>
>
> Hello everybody, I have a problem with haproxy (1.3.17) and kernel 2.6.29
>
> I have successfully recompiled my kernel with TPROXY modules and installed haproxy (compiled from source with tproxy option enabled) and installed iptables 1.4.3 (that have tproxy patch).
> Now I can't use transparent proxy function: if I leave in haproxy.cfg this line "source 0.0.0.0 usesrc clientip" haproxy say "503 - Service unavailable".
> If I comment out the line, everything work fine (without transparent proxy).
>
> My situation:
>
> haproxy with two ethernet device: first one for public IP, sceond one for private IP (192.168.XX.XX)
> two web server with one ethernet for each one connected to my private network.
>
>
>
> Have you got ideas or you can provide me examples?
>
>
> Thanks,
>
>
> Carlo
-- Regards, Malcolm Turnbull. Loadbalancer.org Ltd. Phone: +44 (0)870 443 8779 http://www.loadbalancer.org/Received on 2009/05/11 13:11
This archive was generated by hypermail 2.2.0 : 2009/05/11 13:15 CEST