]>
Commit | Line | Data |
---|---|---|
c8be6d7b | 1 | /* |
cc192b50 | 2 | * $Id: IPInterception.h,v 1.7 2007/12/14 23:11:45 amosjeffries Exp $ |
c8be6d7b | 3 | * |
04f87469 AJ |
4 | * DEBUG: section 89 NAT / IP Interception |
5 | * AUTHOR: Robert Collins | |
6 | * AUTHOR: Amos Jeffries | |
c8be6d7b | 7 | * |
8 | */ | |
c8be6d7b | 9 | #ifndef SQUID_IPINTERCEPTION_H |
10 | #define SQUID_IPINTERCEPTION_H | |
11 | ||
0fc2952e | 12 | class IPAddress; |
62e76326 | 13 | |
0fc2952e AJ |
14 | /** |
15 | \defgroup IPInterceptAPI IP Interception and Transparent Proxy API | |
16 | \ingroup SquidComponent | |
17 | \par | |
18 | * There is no formal state-machine for transparency and interception | |
19 | * instead there is this neutral API which other connection state machines | |
20 | * and the comm layer use to co-ordinate their own state for transparency. | |
21 | */ | |
22 | class IPIntercept | |
23 | { | |
24 | public: | |
04f87469 AJ |
25 | IPIntercept() : transparent_active(0), intercept_active(0) {}; |
26 | ~IPIntercept() {}; | |
27 | ||
0fc2952e | 28 | int NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &dst); |
34ec5c62 AJ |
29 | |
30 | #if LINUX_TPROXY2 | |
31 | // only relevant to TPROXY v2 connections. | |
32 | // which require the address be set specifically post-connect. | |
33 | int SetTproxy2OutgoingAddr(int fd, const IPAddress &src); | |
34 | #endif | |
04f87469 AJ |
35 | |
36 | /** | |
37 | \retval 0 Full transparency is disabled. | |
38 | \retval 1 Full transparency is enabled and active. | |
39 | */ | |
40 | inline int TransparentActive() { return transparent_active; }; | |
41 | ||
42 | /** \par | |
43 | * Turn on fully Transparent-Proxy activities. | |
44 | * This function should be called during parsing of the squid.conf | |
45 | * When any option requiring full-transparency is encountered. | |
46 | */ | |
47 | inline void StartTransparency() { transparent_active=1; }; | |
48 | ||
49 | /** \par | |
50 | * Turn off fully Transparent-Proxy activities on all new connections. | |
51 | * Existing transactions and connections are unaffected and will run | |
52 | * to their natural completion. | |
53 | \param str Reason for stopping. Will be logged to cache.log | |
54 | */ | |
55 | void StopTransparency(const char *str); | |
56 | ||
57 | /** | |
58 | \retval 0 IP Interception is disabled. | |
59 | \retval 1 IP Interception is enabled and active. | |
60 | */ | |
61 | inline int InterceptActive() { return intercept_active; }; | |
62 | ||
63 | /** \par | |
64 | * Turn on IP-Interception-Proxy activities. | |
65 | * This function should be called during parsing of the squid.conf | |
66 | * When any option requiring interception / NAT handling is encountered. | |
67 | */ | |
68 | inline void StartInterception() { intercept_active=1; }; | |
69 | ||
70 | /** \par | |
71 | * Turn off IP-Interception-Proxy activities on all new connections. | |
72 | * Existing transactions and connections are unaffected and will run | |
73 | * to their natural completion. | |
74 | \param str Reason for stopping. Will be logged to cache.log | |
75 | */ | |
76 | inline void StopInterception(const char *str); | |
77 | ||
78 | private: | |
79 | int transparent_active; | |
80 | int intercept_active; | |
81 | }; | |
0fc2952e AJ |
82 | |
83 | #if !defined(IP_TRANSPARENT) | |
84 | /// \ingroup IPInterceptAPI | |
f1e0717c AJ |
85 | #define IP_TRANSPARENT 19 |
86 | #endif | |
87 | ||
0fc2952e AJ |
88 | /** |
89 | \ingroup IPInterceptAPI | |
90 | * Globally available instance of the IP Interception manager. | |
91 | */ | |
92 | extern IPIntercept IPInterceptor; | |
c8be6d7b | 93 | |
94 | #endif /* SQUID_IPINTERCEPTION_H */ |