Awesome it works, thanks ! I just had to make a slight change to the config file and add a "check icmp" on the redirect rules, without that relayd dies with an error. Except this minor change I kept my initial file and it now works well in transparent mode.
So there really is something broken in the relayd shipped with OpenBSD 5.0 at least for transparent mode. Non transparent mode seems to work fine. On 28 March 2012 13:30, Stuart Henderson <s...@spacehopper.org> wrote: > In gmane.os.openbsd.misc, you wrote: > > Hi, > > I am trying to forward port using relayd which works but what I really > need > > is transparent relaying and I cannot make that one works :/ > > Looks like this probably got broken in the proc.c privsep reorganization. > Try 'cvs up -D 2011/05/08" in src/usr.sbin/relayd and relayctl and > rebuilding. > > Date: 2011/05/09 13:08:47 > Author: reyk > Branch: HEAD > Tag: (none) > Log: > Reorganize the relayd code to use the proc.c privsep API/commodity > functions that are based on work for iked and smtpd. This simplifies > the setup of privsep processes and moves some redundant and repeated > code to a single place - which is always good from a quality and > security point of view. The relayd version of proc.c is different to > the current version in iked because it uses 1:N communications between > processes, eg. a single parent process is talking to many forked relay > children while iked only needs 1:1 communications.
