Re: TProxy support

From: Amos Jeffries <squid3@dont-contact.us>
Date: Thu, 6 Mar 2008 13:22:48 +1300 (NZDT)

> Adrian Chadd wrote:
>> On Wed, Mar 05, 2008, Laszlo Attila Toth wrote:
>>> Okay, I simply add other hunks to squid code as Amos wrote:
>>>> - migrate defined LINUX_TPROXY -> LINUX_TPROXY2
>>>> - add defined LINUX_TPROXY4
>>
>> Well, LINUX_TPROXY defines a whole bunch of stuff relevant to generic
>> "full" transparency as well as the TPROXY specific stuff.
>>
>> That needs to be broken out somewhat. Argh, I wish I had the time
>> to poke it.
>
> Hm. I don't know what would be the best way, because I am not familiar
> with the squid code. What I know is: TProxy4 requires minimal code
> change. My problem is: where to change and how to use ifdef-ed codes
> (LINUX_TPROXY and the two new: LINUX_TPROXY2, LINUX_TPROXY4).

Where, is likely to be the spots currently using LINUX_TPROXY (now
LINUX_TPROXY2) and LINUX_NETFILTER (adding LINUX_TPROXY4)

Some points with "#if LINUX_TPROXY" will need to become "#if LINUX_TPROXY2
|| LINUX_TPROXY4"

All points with "#if LINUX_NETFILTER" are likely to need "#if
LINUX_NETFILTER || LINUX_TPROXY4"

>
> It requires the following socket option:
>
> #ifndef IP_TRANSPARENT
> #define IP_TRANSPARENT 19
> #endif
>
> Then both the listening socket and the outgoing socket have to get this
> socket option (if the setsockopt fails, tproxy can be ignored).
>
> The socket option requires CAP_NET_ADMIN capability.
>
> Regards,
> Attila
>

Adrian seems to want to do the -2 bits. I'll see about a branch in the
new bzr setup for squid-3.

Amos
Received on Wed Mar 05 2008 - 17:22:52 MST
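
The socket handling described in the quoted message, as an added example that is not part of the original thread and is not Squid code: IP_TRANSPARENT is applied to both the listening and the outgoing socket, and a refusal (for instance a process without CAP_NET_ADMIN) is treated as "run without TPROXY" rather than as a fatal error. The helper names `enable_transparent`, `is_transparent` and `tproxy_apply` are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>

#ifndef IP_TRANSPARENT
#define IP_TRANSPARENT 19   /* value quoted in the message above */
#endif

/* Hypothetical helper: 1 = option set, 0 = kernel refused (continue
 * without TPROXY), -1 = fd is not a usable socket. */
int enable_transparent(int fd)
{
    int on = 1;
    if (setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &on, sizeof(on)) == 0)
        return 1;
    if (errno == EBADF || errno == ENOTSOCK)
        return -1;
    /* Typically EPERM (no CAP_NET_ADMIN) or ENOPROTOOPT (no kernel support). */
    return 0;
}

/* Read the flag back: 1 or 0, or -1 if it cannot be queried. */
int is_transparent(int fd)
{
    int val = 0;
    socklen_t len = sizeof(val);
    if (getsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &val, &len) != 0)
        return -1;
    return val != 0;
}

/* TPROXY is usable only if both sockets accepted the option. */
int tproxy_apply(int listen_fd, int out_fd)
{
    int l = enable_transparent(listen_fd);
    int o = enable_transparent(out_fd);
    if (l < 0 || o < 0)
        return -1;
    return l == 1 && o == 1;
}

int main(void)
{
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    int ofd = socket(AF_INET, SOCK_STREAM, 0);
    int r = tproxy_apply(lfd, ofd);
    printf("tproxy: %s\n", r == 1 ? "enabled" : r == 0 ? "refused, ignored" : "socket error");
    if (lfd >= 0) close(lfd);
    if (ofd >= 0) close(ofd);
    return r < 0;
}
```

Because the option needs CAP_NET_ADMIN, a daemon that drops privileges has to set it while it still holds that capability, or keep only that capability after the drop.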
