REDIRECT problem: dest. port seems to be mangled
Patrick Schaaf
bof@bof.de
Thu, 9 Aug 2001 09:06:38 +0200
Hi,
On Thu, Aug 09, 2001 at 09:21:21AM +1000, John Saunders wrote:
> Transproxy uses the following code to determine the original destination
> (both IP address and port) of the TCP connection.
>
> if (getsockopt(sock, SOL_IP, SO_ORIGINAL_DST,
> (char *)&conn.dest_addr, &length) < 0)
What is the data type of conn.dest_addr? Could length be too small?
> If this call does not fill in the port field with port 80 (the original
> destination) then you will get the problem you describe. I have no idea
> what IP tables is supposed to do, although taken at face value you would
> expect this socket operation to return the original destination.
This socket option was _introduced_ by iptables implementation, and it
is the right way. If your conn.dest_addr is a sockaddr_in, as it appears
to be from the other code snipped, it should work as expected.
Stephane, can you localize the code above in the transproxy source,
and add suitable printf() code to see what's being returned? i.e. after
that call, do something like
fprintf(stderr, "SO_ORIGINAL_DST port=%d, ip=%s\n",
ntohs(conn.dest_addr.sin_port),
inet_ntoa(conn.dest_addr.sin_addr));
regards
Patrick