GitXplorerGitXplorer
c

transbind

public
3 stars
4 forks
0 issues

Commits

List of commits on branch master.
Unverified
0775f817c807ba6d727b28502faa17d3d5b5b508

Initialize only once the verbosity level

ccbonte committed 12 years ago
Unverified
7878fc1ad5c8ad31ee0f0ade5cf999140a6e7750

Prevent modification of the constant 'one'

ccbonte committed 12 years ago
Unverified
374254fa672abbb7fc162de15042ebad09a7102f

Add some #define to prevent compilation issues

ccbonte committed 12 years ago
Unverified
327ef4d6e9ee656d564e51b92b06598a46296bc5

TRANSBIND_VERBOSITY documentation

ccbonte committed 12 years ago
Unverified
cd0183ea9a9fe6d99f8a9ac38f6d51561363723f

Add TRANSBIND_VERBOSITY environment variable to enable/disable debug messages

ccbonte committed 12 years ago
Unverified
63a3326523d1a05cc32ade69724710e6b2bac0c7

Update README.md

ccbonte committed 12 years ago

README

The README file for this repository.

transbind

Enable transparent binding on applications that don't allow it natively.

This library is still experimental. It is based on LD_PRELOAD to set socket options before any bind() calls.

  • For IPv4 : IP_TRANSPARENT or IP_FREEBIND
  • For IPv6 : IPV6_TRANSPARENT

How To

LD_PRELOAD=<installation path>/transbind.so <server application>

The environment variable TRANSBIND_VERBOSITY allows to enable/disable debug messages. A value greater than 0 will enable debug messages. The default is to not log anything.

Tested applications (IPv4 only)

  • nginx
  • varnish

Side notes

iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT

ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100

iptables -t mangle -A PREROUTING -p tcp --dport <port> -j TPROXY --tproxy-mark 0x1/0x1 --on-port <port>