On Wed, Mar 05, 2008, Laszlo Attila Toth wrote:
> Hm. I don't know what would be the best way, because I am not familiar
> with the squid code. What I know is: TProxy4 requires minimal code
> change. My problem is: where to change and how to use ifdef-ed codes
> (LINUX_TPROXY and the two new: LINUX_TPROXY2, LINUX_TPROXY4).
> It requires the following socket option:
>
> #ifndef IP_TRANSPARENT
> #define IP_TRANSPARENT 19
> #endif
Yeah, you guys are doing it exactly like how we're fiddling with it
in FreeBSD. :) Set socket option, then do bind() to non-local address.
> Then both the listening socket and the outgoing socket has to get this
> socket option (if the setsockopt fails, tproxy can be ignored).
Yup.
> The socket option requires CAP_NET_ADMIN capability.
OK.
Well, there's two part - part A is all the stuff which sets the client/server
connections are participating in the "tproxy" connection; part B is the stuff
to talk to TPROXY/FreeBSD to do the relevant socket options and what not.
I'll look at combining your stuff, my stuff and Gonzalo's stuff into something
for Squid-2 soon and see how it works out.
Thanks!
Adrian
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -Received on Wed Mar 05 2008 - 06:39:08 MST
This archive was generated by hypermail pre-2.1.9 : Tue Apr 01 2008 - 13:00:10 MDT