[squid-users] Re: Squid Ip Spoofing

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 14 May 2003 17:10:56 +0200

ons 2003-05-14 klockan 14.04 skrev Pramod Bhandiwad:
> As per you r instructions below , kernel was modified to allow non
> root applications to bind to non local addresses.But though binding is
> happening we are unable to establish the connection.
>
> Kindly suggest what has to be done.
>
> Warm Regards
> Pramod
>
>
> Prev Msg
>
> 1. Use Linux-2.2 (not 2.4)
> -- Kernel used - 2.2.25
>
> 2. Hack the kernel to allow non-root applications to bind sockets to
> non-local addresses.
> -- Enabled CONFIG_IP_TRANSPARENT_PROXY and recomplied the kernel.

Just enabling CONFIG_IP_TRANSPARENT_PROXY is not sufficient. You also
need to hack the kernel to allow non-root applications to bind sockets
to non-local addresses.

I do not remember today exacly what needed to be changed, but if you
look for where CONFIG_IP_TRANSPARENT_PROXY is used in the kernel it
should be easy to find.

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
Please consult the Squid FAQ and other available documentation before
asking Squid questions, and use the squid-users mailing-list when no
answer can be found. Private support questions is only answered
for a fee or as part of a commercial Squid support contract.
If you need commercial Squid support or cost effective Squid and
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Wed May 14 2003 - 09:12:17 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:40 MST