Here I’d like to summarise my efforts in the netfilter project, up to the publishing day of this post, as part of the Google Summer of Code 2018 program. This will also serve as the product submission which Google requires as a final part of the program.
I publish this post so that we have all my GSoC 2018 related things together here. Here you can read my original proposal which was submitted to the program. You can also read it on the Summer of Code project page.
In the tproxy documentation there is a description of how to set up transparent proxying with the help of iptables and policy routing. As this is quite a special use-case, I met some questions which are not so obvious, and neither are the answers. In this post you can read a little intro about this topic.
As we get closer to the task itself (which is to extract the transparent proxy support from iptables so that it is available from nftables as well), different solutions come up which serve similar purposes, and the difference between them is not trivial.