On 18/12/2013 8:47 p.m., SaRaVanAn wrote:
> Hi All,
> I have basic clarifications on working of Tproxy4 with Squid.
>
> With tproxy2, the destination port of http packets is getting changed
> to squid port 3128 and it's handled by squid appropriately.
>
> TPROXY all -- eth0 any anywhere anywhere
> TPROXY redirect 0.0.0.0:3128
>
> With tproxy4, I understand http packets are routed to squid via lo
> interface

lo interface is not related specifically. Your rule above is on the eth0
interface, so that is where the packets are coming from to Squid.

> and there is no change in destination port.

Correct. This is transparent intercept at the TCP and IP layers.
>
> I want to understand how these packets are getting hooked by squid
> even if it's not destined for its port (3129).

To understand that you need to understand what a port is, and what a
socket is. Ask the kernel networking guys for more specifics.
>
> How does tproxy4 work with squid?

To Squid it is simply TCP presented via the normal kernel TCP syscalls:
accept(), getsockname(), read(), write(), connect(), bind(), and
setsockopt().
The only special handling required by Squid is that it must perform
setsockopt() using IP_TRANSPARENT flag on outgoing connections before
use *if* the connection is spoofing the client IP.
>
> Also, how is reverse traffic getting handled by squid?

See above. Squid does nothing, everything is kernel.

Amos
Received on Wed Dec 18 2013 - 08:26:34 MST
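
The socket calls named in the reply above, as an added C sketch for Linux/IPv4 (not Squid's code and not part of the original message). The function names are hypothetical; the listener also sets IP_TRANSPARENT, which the Linux TPROXY target expects of the receiving socket.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Mark fd transparent; privileged (CAP_NET_ADMIN per ip(7)). 0 or -errno. */
static int set_transparent(int fd) {
    int on = 1;
    return setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &on, sizeof on) ? -errno : 0;
}

/* Bind fd to ip:port (ip == NULL means any address). Returns 0 or -errno. */
static int bind_to(int fd, const char *ip, unsigned short port) {
    struct sockaddr_in a;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    if (ip && inet_pton(AF_INET, ip, &a.sin_addr) != 1) return -EINVAL;
    return bind(fd, (struct sockaddr *)&a, sizeof a) ? -errno : 0;
}

/* Listener for the port named in the TPROXY rule. Returns fd or -errno. */
int tproxy_listener(unsigned short port) {
    int fd = socket(AF_INET, SOCK_STREAM, 0), rc;
    if (fd < 0) return -errno;
    if ((rc = set_transparent(fd)) || (rc = bind_to(fd, NULL, port)) ||
        (rc = listen(fd, 128) ? -errno : 0)) { close(fd); return rc; }
    return fd;
}

/* Outgoing socket spoofing the client IP: IP_TRANSPARENT is set before
 * bind(), since the address being bound is not local to this host. */
int spoofed_socket(const char *client_ip) {
    int fd = socket(AF_INET, SOCK_STREAM, 0), rc;
    if (fd < 0) return -errno;
    if ((rc = set_transparent(fd)) || (rc = bind_to(fd, client_ip, 0))) { close(fd); return rc; }
    return fd;   /* caller connect()s this socket to the origin server */
}

/* On an accept()ed TPROXY socket this is the address the client dialled. */
int local_endpoint(int fd, char *out, size_t n) {
    struct sockaddr_in a; socklen_t len = sizeof a; char ip[INET_ADDRSTRLEN];
    if (getsockname(fd, (struct sockaddr *)&a, &len)) return -errno;
    if (!inet_ntop(AF_INET, &a.sin_addr, ip, sizeof ip)) return -errno;
    snprintf(out, n, "%s:%u", ip, (unsigned)ntohs(a.sin_port));
    return 0;
}
```

Without the required privilege both `tproxy_listener()` and `spoofed_socket()` return `-EPERM`, which is a quick way to confirm that a proxy process has been started with the capability it needs.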