[thirdparty/squid.git] / src / IPInterception.h

/*
 * $Id: IPInterception.h,v 1.7 2007/12/14 23:11:45 amosjeffries Exp $
 *
 * DEBUG: section 89    NAT / IP Interception
 * AUTHOR: Robert Collins
 * AUTHOR: Amos Jeffries
 *
 */
#ifndef SQUID_IPINTERCEPTION_H
#define SQUID_IPINTERCEPTION_H

class IPAddress;

/**
 \defgroup IPInterceptAPI IP Interception and Transparent Proxy API
 \ingroup SquidComponent
 \par
 * There is no formal state-machine for transparency and interception
 * instead there is this neutral API which other connection state machines
 * and the comm layer use to co-ordinate their own state for transparency.
 */
class IPIntercept
{
public:
    IPIntercept() : transparent_active(0), intercept_active(0) {};
    ~IPIntercept() {};

    int NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &dst);

#if LINUX_TPROXY2
    // only relevant to TPROXY v2 connections.
    // which require the address be set specifically post-connect.
    int SetTproxy2OutgoingAddr(int fd, const IPAddress &src);
#endif

    /**
     \retval 0	Full transparency is disabled.
     \retval 1  Full transparency is enabled and active.
     */
    inline int TransparentActive() { return transparent_active; };

    /** \par
     * Turn on fully Transparent-Proxy activities.
     * This function should be called during parsing of the squid.conf
     * When any option requiring full-transparency is encountered.
     */
    inline void StartTransparency() { transparent_active=1; };

    /** \par
     * Turn off fully Transparent-Proxy activities on all new connections.
     * Existing transactions and connections are unaffected and will run
     * to their natural completion.
     \param str    Reason for stopping. Will be logged to cache.log
     */
    void StopTransparency(const char *str);

    /**
     \retval 0	IP Interception is disabled.
     \retval 1  IP Interception is enabled and active.
     */
    inline int InterceptActive() { return intercept_active; };

    /** \par
     * Turn on IP-Interception-Proxy activities.
     * This function should be called during parsing of the squid.conf
     * When any option requiring interception / NAT handling is encountered.
     */
    inline void StartInterception() { intercept_active=1; };

    /** \par
     * Turn off IP-Interception-Proxy activities on all new connections.
     * Existing transactions and connections are unaffected and will run
     * to their natural completion.
     \param str    Reason for stopping. Will be logged to cache.log
     */
    inline void StopInterception(const char *str);

private:
    int transparent_active;
    int intercept_active;
};

#if !defined(IP_TRANSPARENT)
/// \ingroup IPInterceptAPI
#define IP_TRANSPARENT 19
#endif

/**
 \ingroup IPInterceptAPI
 * Globally available instance of the IP Interception manager.
 */
extern IPIntercept IPInterceptor;

#endif /* SQUID_IPINTERCEPTION_H */
Commit	Line	Data
c8be6d7b	1	/*
cc192b50	2	* $Id: IPInterception.h,v 1.7 2007/12/14 23:11:45 amosjeffries Exp $
c8be6d7b	3	*
04f87469 AJ	4	* DEBUG: section 89 NAT / IP Interception
	5	* AUTHOR: Robert Collins
	6	* AUTHOR: Amos Jeffries
c8be6d7b	7	*
c8be6d7b	8	*/
c8be6d7b	9	#ifndef SQUID_IPINTERCEPTION_H
	10	#define SQUID_IPINTERCEPTION_H
	11
0fc2952e	12	class IPAddress;
62e76326	13
0fc2952e AJ	14	/**
	15	\defgroup IPInterceptAPI IP Interception and Transparent Proxy API
	16	\ingroup SquidComponent
	17	\par
	18	* There is no formal state-machine for transparency and interception
	19	* instead there is this neutral API which other connection state machines
	20	* and the comm layer use to co-ordinate their own state for transparency.
	21	*/
	22	class IPIntercept
	23	{
	24	public:
04f87469 AJ	25	IPIntercept() : transparent_active(0), intercept_active(0) {};
	26	~IPIntercept() {};
	27
0fc2952e	28	int NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &dst);
34ec5c62 AJ	29
	30	#if LINUX_TPROXY2
	31	// only relevant to TPROXY v2 connections.
	32	// which require the address be set specifically post-connect.
	33	int SetTproxy2OutgoingAddr(int fd, const IPAddress &src);
	34	#endif
04f87469 AJ	35
	36	/**
	37	\retval 0 Full transparency is disabled.
	38	\retval 1 Full transparency is enabled and active.
	39	*/
	40	inline int TransparentActive() { return transparent_active; };
	41
	42	/** \par
	43	* Turn on fully Transparent-Proxy activities.
	44	* This function should be called during parsing of the squid.conf
	45	* When any option requiring full-transparency is encountered.
	46	*/
	47	inline void StartTransparency() { transparent_active=1; };
	48
	49	/** \par
	50	* Turn off fully Transparent-Proxy activities on all new connections.
	51	* Existing transactions and connections are unaffected and will run
	52	* to their natural completion.
	53	\param str Reason for stopping. Will be logged to cache.log
	54	*/
	55	void StopTransparency(const char *str);
	56
	57	/**
	58	\retval 0 IP Interception is disabled.
	59	\retval 1 IP Interception is enabled and active.
	60	*/
	61	inline int InterceptActive() { return intercept_active; };
	62
	63	/** \par
	64	* Turn on IP-Interception-Proxy activities.
	65	* This function should be called during parsing of the squid.conf
	66	* When any option requiring interception / NAT handling is encountered.
	67	*/
	68	inline void StartInterception() { intercept_active=1; };
	69
	70	/** \par
	71	* Turn off IP-Interception-Proxy activities on all new connections.
	72	* Existing transactions and connections are unaffected and will run
	73	* to their natural completion.
	74	\param str Reason for stopping. Will be logged to cache.log
	75	*/
	76	inline void StopInterception(const char *str);
	77
	78	private:
	79	int transparent_active;
	80	int intercept_active;
	81	};
0fc2952e AJ	82
	83	#if !defined(IP_TRANSPARENT)
	84	/// \ingroup IPInterceptAPI
f1e0717c AJ	85	#define IP_TRANSPARENT 19
	86	#endif
	87
0fc2952e AJ	88	/**
	89	\ingroup IPInterceptAPI
	90	* Globally available instance of the IP Interception manager.
	91	*/
	92	extern IPIntercept IPInterceptor;
c8be6d7b	93
c8be6d7b	94	#endif /* SQUID_IPINTERCEPTION_H */