I've recently up2dated to version 8.165, and found the issue that I reported here:
http://www.astaro.org/astaro-beta-versions/asg-v8-200-beta/asg-v8-200-beta-closed-threads/36026-8-160-bug-fixed-http-transparent-proxy-not-working-wireless-networks.html
is still a problem. Not sure why it got moved to the closed threads forum...
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
As requested... see attached files. Some are screenshots of the config, and the textfiles are the data requested. 192.168.11.0/24 is the Wireless Network in question.
ETA: Looks like the TPROXY Hook does not include the wireless network as it should.
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
More information... I found that the Client Isolation setting has no effect on the problem... but... when I changed the wireless network in question from Separate Zone configuration to Bridge to AP LAN (and clone the Separate Zone MASQ and Packet filter rules and apply them to the AP LAN, of course), it works fine. This seems to definitely have something to do with Separate Zone configuration.
More information... I found that the Client Isolation setting has no effect on the problem... but... when I changed the wireless network in question from Separate Zone configuration to Bridge to AP LAN (and clone the Separate Zone MASQ and Packet filter rules and apply them to the AP LAN, of course), it works fine. This seems to definitely have something to do with Separate Zone configuration.
We tried to reproduce this, but so far we haven't seen any problems.
Could you re-store your "broken" setup and send us output of:
- ebtables-save
- iptables-save
- ipset list
(plus a hint what ip address you're using on your wireless client).
I guess we will need to re-build the identical setup you're using...
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
We tried to reproduce this, but so far we haven't seen any problems.
Could you re-store your "broken" setup and send us output of:
- ebtables-save
- iptables-save
- ipset list
(plus a hint what ip address you're using on your wireless client).
I guess we will need to re-build the identical setup you're using...
CTO, Convergent Information Security Solutions, LLC
https://www.convergesecurity.com
Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
