Re: [squid-users] Passing Information up to the eCap adapter from Jatin Bhasin on 2014-07-10 (squid-users)

From: Jatin Bhasin <jbhasin83_at_gmail.com>
Date: Thu, 10 Jul 2014 21:25:31 +1000

Hi Antony,

Yes I need the source and destination MAC address of the packet which
is received by squid (I am happy with that).
Also I did think at first that squid would not have access to the
source and destination MAC of the packet as you said that it would
have been stripped off by the networking stack, but then I saw that
squid has acls based on MAC addresses.

Please visit below link:
http://wiki.squid-cache.org/SquidFaq/SquidAcl

***** ACL TYPES AVAILABLE *****
arp: Ethernet (MAC) address matching

Seeing this I hope that we have MAC address of the packet and so that
I can push that information up to the eCap adapter.

Thanks,
Jatin

On Thu, Jul 10, 2014 at 8:46 PM, Antony Stone
<Antony.Stone_at_squid.open.source.it> wrote:
> On Thursday 10 July 2014 at 12:34:37, Jatin Bhasin wrote:
>
>> Hello,
>>
>> As I understand currently squid can send client IP address up to the eCap
>> adapter using squid configuration directive *adaptation_send_client_ip.*
>>
>> I needed more information in my eCap adapter so I changed the squid source
>> code to be able to send *Client Port, Destination Address and Destination
>> port* to the eCap adapter.
>>
>> But now my requirement is to be able to pass *source MAC address and
>> destination MAC address* as well to the eCap adapter. But I am not able to
>> understand how I can do it.
>
> What do you mean by destination MAC address?
>
> So long as you're aware that this will be the MAC address of the Squid proxy,
> and not the MAC address of the server with the destination IP address, okay,
> but there's no way for a machine to find out the MAC address of another machine
> which is not on its own local subnet.
>
> That said, I'd be slightly surprised if Squid even knows the MAC addresses
> (they're likely to be stripped off by the networking stack shortly before it
> passes the IP packet to Squid), however I'm happy to be corrected on this by
> someone more familir with its internals than I am.
>
>
> Regards,
>
>
> Antony.
>
> --
> Normal people think "If it ain't broke, don't fix it".
> Engineers think "If it ain't broke, it doesn't have enough features yet".
>
> Please reply to the list;
> please *don't* CC me.
Received on Thu Jul 10 2014 - 11:25:40 MDT

This archive was generated by hypermail 2.2.0 : Thu Jul 10 2014 - 12:00:06 MDT