On Wed, Mar 05, 2008, Laszlo Attila Toth wrote:
> Hello,
>
> We only supports TProxy version 4.1 but in the squid "--enable-tproxy"
> requires version 2 which is obsolete for a while.
G'day,
There's a patch in the Squid bugzilla somewhere which implements tproxy
support against Squid-2. I'd like to include this into Squid-2, but:
* We can't just drop tproxy-2 support, as people are currently using it;
* I'd like to support both this and the FreeBSD transparency methods
(I've got some test code for a FreeBSD version of your work, against
FreeBSD-current)
* So what I'd like to do is (simply!) break out the tproxy-specific code
in Squid-2 and create tproxy2, tproxy4 and freebsd modules for
transparency.
Adrian
> Current implementation doesn't require kernel support, only a new socket
> option, IP_TRANSPARENT, also I made a patch which drops
> "--enable-tproxy" because TProxy 4.1 uses netfilter/iptables (TPROXY
> target and socket match). If "--enable-linux-netfilter" is used, the
> "tproxy" option is available for "http_proxy".
>
> It is not yet finished, the squid proxy doesn't bind to the client's
> address. Furthermore I think it would be better to have a diferent
> option for this, and "tproxy" wouldn't imply this.
>
> The patch is available here for 2.6-STABLE18:
>
> http://www.balabit.com/downloads/files/tproxy/
>
>
> Any suggestions?
>
> Regards,
> Attila
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -Received on Wed Mar 05 2008 - 04:22:14 MST
This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:10 MDT