libxt_TPROXY.man revision 92b54aa2b436387f85783d3f420ccaa12fdaf891
1This target is only valid in the \fBmangle\fR table, in the \fBPREROUTING\fR 2chain and user-defined chains which are only called from this chain. It 3redirects the packet to a local socket without changing the packet header in 4any way. It can also change the mark value which can then be used in advanced 5routing rules. 6It takes three options: 7.TP 8\fB--on-port\fR \fIport\fR 9This specifies a destination port to use. It is a required option, 0 means the 10new destination port is the same as the original. This is only valid if the 11rule also specifies \fB-p tcp\fR or \fB-p udp\fR. 12.TP 13\fB--on-ip\fR \fIaddress\fR 14This specifies a destination address to use. By default the address is the IP 15address of the incoming interface. This is only valid if the rule also 16specifies \fB-p tcp\fR or \fR-p udp\fR. 17.TP 18\fB--tproxy-mark\fR \fIvalue\fR[\fB/\fR\fImask\fR] 19Marks packets with the given value/mask. The fwmark value set here can be used 20by advanced routing. (Required for transparent proxying to work: otherwise 21these packets will get forwarded, which is probably not what you want.) 22