Previous Message Next Message
Forum List Message List New Topic Print View
Patrick
November 28, 2019 07:28PM
On 2019-11-28 15:33, yoav.cohen wrote:
> However, we need to be able to send all TCP traffic to another process
> for offline processing.

This can probably be done using the packet mgmt features of the OS, e.g.
with netfilter/iptables `TEE' for Linux:
http://ipset.netfilter.org/iptables-extensions.man.html#lbDU
or ipf `dup-to' for FreeBSD:
https://www.freebsd.org/cgi/man.cgi?query=ipf&sektion=5&apropos=0&manpath=FreeBSD+12.1-RELEASE+and+Ports

Mirroring the inside interfaces will yield the un-TLS'd traffic.


Patrick
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

Offload TCP traffic to another process

yoav.cohen November 28, 2019 03:33PM

Re: Offload TCP traffic to another process

Marcin Wanat November 28, 2019 05:40PM

Re: Offload TCP traffic to another process

alon.ludmer November 29, 2019 02:26AM

Re: Offload TCP traffic to another process

Patrick November 28, 2019 07:28PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 254
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready