On Wed, 14 Mar 2007, Henrik Nordstrom wrote:
> tis 2007-03-13 klockan 14:50 +0900 skrev Steven:
>
>> The third patch (transparent-pipeline.patch) is designed to allow squid
> to
>> handle non-http traffic. If a request can not be decoded by squid, and
> it
>> was a transparently intercepted requets, it will be transformed to a
>> CONNECT request to the server that the client was trying to contact, and
>
>> all data will be passed to/from the server untouched by squid. (I have
> a
>> second copy of this patch that has been tested, and I can confirm that
> it
>> works when patched against squid 2.6.10. The attached patch was created
>
>> against the CVS tree of 2.6, and does need testing).
>
> Cool. Incidentally in principle this is also what's needed for
> transparent interception of non-HTTP ports (i.e. 443), even if those is
> best done with a new tunnel_port directive..
>
> This must be configurable. It's not acceptable to have Squid tunnel junk
> unless the administrator allowed it, not even in transparent
> interception mode.
>
The attached patch should fix the concerns raised.
If there are no other concerns do you want me to wait until 2.6.STABLE11
has been released before committing?
Steven
This archive was generated by hypermail pre-2.1.9 : Sun Apr 01 2007 - 12:00:01 MDT