G'day,
I'm looking at Gonzalo's Squid-2 + TPROXY-4 patch in bugzilla (1581) and it
doesn't seem all that difficult to integrate TPROXY-4 support. It won't make
it in time for 2.7 (whenever that last outstanding bug is fixed) but I'd like
to make it in for 2.8.
There are a few core things to integrate:
* the logic which tracks the "tproxy" connection status, including the pconn
popping, etc; and
* the actual hack required to do the non-local bind(); and finally
* the setup stuff - the capabilities dance for tproxy-2; whatever we decide
in FreeBSD to grant a process "permission" to do non-local binds.
I'll break out the "source spoofing" into seperate files, one per "option",
and I may get around to doing that for the ip interception logic too to keep
things clean.
Comments?
Adrian
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -Received on Tue Apr 01 2008 - 08:59:05 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 30 2008 - 12:00:07 MDT