Adrian Chadd wrote:
> On Wed, Mar 05, 2008, Laszlo Attila Toth wrote:
>> Okay, I simply add other hunks to squid code as Amos wrote:
>>> - migrate defined LINUX_TPROXY -> LINUX_TPROXY2
>>> - add defined LINUX_TPROXY4
>
> Well, LINUX_TPROXY defines a whole bunch of stuff relevant to generic
> "full" transparency as well as the TPROXY specific stuff.
>
> That needs to broken out somewhat. Argh, I wish I had the time
> to poke it.
Hm. I don't know what would be the best way, because I am not familiar
with the squid code. What I know is: TProxy4 requires minimal code
change. My problem is: where to change and how to use ifdef-ed codes
(LINUX_TPROXY and the two new: LINUX_TPROXY2, LINUX_TPROXY4).
It requires the following socket option:
#ifndef IP_TRANSPARENT
#define IP_TRANSPARENT 19
#endif
Then both the listening socket and the outgoing socket has to get this
socket option (if the setsockopt fails, tproxy can be ignored).
The socket option requires CAP_NET_ADMIN capability.
Regards,
Attila
Received on Wed Mar 05 2008 - 06:22:38 MST
This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:10 MDT