On 11/29/2012 3:31 PM, Nick Fennell wrote:
> Hey Steve,
>
> OK so, for your internal (LAN) traffic, why put it through TPROXY at all? Why not exclude it from the redirect into the TPROXY engine and allow it to proxy through "organically"?
>
> As well you know, if TPROXY sees the traffic in one direction, it needs to see it in the other.
>
> My suggestion: Bypass TPROXY for LAN traffic.
+1
simple iptables rules.
Eliezer
>
> Nick
> --
> Nick Fennell
> nick_at_tbfh.org
-- Eliezer Croitoru https://www1.ngtech.co.il sip:ngtech_at_sip2sip.info IT consulting for Nonprofit organizations eliezer <at> ngtech.co.ilReceived on Thu Nov 29 2012 - 17:28:05 MST
This archive was generated by hypermail 2.2.0 : Fri Nov 30 2012 - 12:00:08 MST