tor 2010-04-22 klockan 00:25 +0000 skrev Amos Jeffries:
> > In addition it may make sense to be able to selectively enable tproxy
> > spoofing independent of interception, which would also solve the above
> > reservation.
>
> From TPROXYv4 the intercept options are mutually exclusive. Due to the
> nature of the NAT and TPROXY lookups.
I was not talking about the options above, just the functionality of
intercepting vs spoofing.
The tproxy http_port option enables both functions (intercepting
requests, and spofing outgoing requests).
> TPROXY in other modes has a wide set of possibilities and potential
> problems we will need to consider carefully before enabling.
Basic problems is the same in all modes. For tproxy spoofing to work
return traffic on forwarded requests need to find their way back to the
right cache server, not to the reuesting client or another cache server.
The available solutions to that problem differs slightly depending on
how client traffic arrives on the cache servers.
Regards
Henrik
Received on Thu Apr 22 2010 - 19:47:03 MDT
This archive was generated by hypermail 2.2.0 : Fri Apr 23 2010 - 12:00:09 MDT