Re: [PATCH] IPv6 transparent proxy support for Squid

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 09 Jul 2013 22:24:18 +1200

The netfilter maintainer is rejecting outright that patch on grounds
that it is only needed by C++ type checking and not relevant for C
compilers even though it is written in C language. (They have a strong
predjudice against non-C languages over there.)

I have applied this patch with a custom definition of
IP6T_SO_ORIGINAL_DST in place of a working kernel API. As a result we
are no longer able to auto-detect and warn the admin about missing IPv6
NAT support. Squid will simply obey and listen on IPv6 ports for
intercepted traffic even if the kernel does not support IPv6 NAT.
However given that only kernels with working support will be able to
relay IPv6 traffic there in the first place I think it is not a big problem.

Amos
Received on Tue Jul 09 2013 - 10:24:32 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 11 2013 - 12:00:59 MDT