GitXplorerGitXplorer
c

transbind

public
3 stars
4 forks
0 issues

Commits

List of commits on branch master.
Unverified
506fb8eefc8b925cc9b4aa8453f3ad6ef7375792

code simplification

ccbonte committed 12 years ago
Unverified
d09a2247a9fd164ad27d29653298535b1d84c205

fix ipv6/port representation in the log message

ccbonte committed 12 years ago
Unverified
c1c780e948691160d673364d182a43f65791df1c

Update README.md

ccbonte committed 12 years ago
Unverified
832e800e02f7ab12e67683e262587bfc4d3da3dc

Update README.md

ccbonte committed 12 years ago
Unverified
3c5c92d96dcee20659264fb9e5a12645983793df

Experimental

ccbonte committed 12 years ago
Unverified
bad710538887106541235f7ab8ac6821ef6419a4

Initial commit

ccbonte committed 12 years ago

README

The README file for this repository.

transbind

Enable transparent binding on applications that don't allow it natively.

This library is still experimental. It is based on LD_PRELOAD to set socket options before any bind() calls.

  • For IPv4 : IP_TRANSPARENT or IP_FREEBIND
  • For IPv6 : IPV6_TRANSPARENT

How To

LD_PRELOAD=<installation path>/transbind.so <server application>

The environment variable TRANSBIND_VERBOSITY allows to enable/disable debug messages. A value greater than 0 will enable debug messages. The default is to not log anything.

Tested applications (IPv4 only)

  • nginx
  • varnish

Side notes

iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT

ip rule add fwmark 1 lookup 100
ip route add local 0.0.0.0/0 dev lo table 100

iptables -t mangle -A PREROUTING -p tcp --dport <port> -j TPROXY --tproxy-mark 0x1/0x1 --on-port <port>