Miquel van Smoorenburg <miquels@cistron.nl>
Brian <hiryuu@envisiongames.net>
Ian Castle <ian.castle@coldcomfortfarm.net>
+ Brad Smitch <brad@comstyle.com>
Duane Wessels <wessels@squid-cache.org>
dnl
dnl Duane Wessels, wessels@nlanr.net, February 1996 (autoconf v2.9)
dnl
-dnl $Id: configure.in,v 1.263 2002/04/13 14:16:04 hno Exp $
+dnl $Id: configure.in,v 1.264 2002/04/13 15:30:10 hno Exp $
dnl
dnl
dnl
AC_CONFIG_AUX_DIR(cfgaux)
AM_INIT_AUTOMAKE(squid, 2.6-DEVEL)
AM_CONFIG_HEADER(include/autoconf.h)
-AC_REVISION($Revision: 1.263 $)dnl
+AC_REVISION($Revision: 1.264 $)dnl
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
fi
])
+dnl Enable PF Transparent Proxy
+AC_ARG_ENABLE(pf-transparent,
+[ --enable-pf-transparent
+ Enable Transparent Proxy support for systems
+ using PF network address redirection.],
+[ if test "$enableval" = "yes" ; then
+ echo "PF Transparent Proxy enabled"
+ AC_DEFINE(PF_TRANSPARENT)
+ PF_TRANSPARENT="yes"
+ fi
+])
+
dnl Enable Linux Netfilter (2.4) Transparent Proxy
AC_ARG_ENABLE(linux-netfilter,
[ --enable-linux-netfilter
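Review bot: The `AC_DEFINE(PF_TRANSPARENT)` inside the `--enable-pf-transparent` action runs before anything has checked that `net/pfvar.h` exists, and the header check added later in this commit defines the same symbol again as 1 or 0. Two definitions of one macro make it harder to tell which value reaches `include/autoconf.h`, and that value decides whether the `/dev/pf` lookup code is compiled at all. I would keep only the shell variable in this action, `PF_TRANSPARENT="yes"`, and leave the single `AC_DEFINE` to the header check.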
memory.h \
mount.h \
net/if.h \
+ net/pfvar.h \
netdb.h \
netinet/if_ether.h \
netinet/in.h \
sleep 10
fi
+dnl PF support requires a header file.
+if test "$PF_TRANSPARENT" ; then
+ AC_MSG_CHECKING(if PF header file is installed)
+ # hold on to your hats...
+ if test "$ac_cv_header_net_pfvar_h" = "yes"; then
+ PF_TRANSPARENT="yes"
+ AC_DEFINE(PF_TRANSPARENT, 1)
+ else
+ PF_TRANSPARENT="no"
+ AC_DEFINE(PF_TRANSPARENT, 0)
+ fi
+ AC_MSG_RESULT($PF_TRANSPARENT)
+fi
+if test "$PF_TRANSPARENT" = "no" ; then
+ echo "WARNING: Cannot find necessary PF header file"
+ echo " Transparent Proxy support WILL NOT be enabled"
+ sleep 10
+fi
+
dnl Linux-Netfilter support requires Linux 2.4 kernel header files.
dnl Shamelessly copied from above
if test "$LINUX_NETFILTER" ; then
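Review bot: When `net/pfvar.h` is missing, an explicit `--enable-pf-transparent` is downgraded to two `echo` lines and a `sleep 10`, and configure carries on with `PF_TRANSPARENT` defined to 0. A scripted or unattended build will not notice this, and it produces a binary without the PF lookup path that the operator asked for. A feature that was requested explicitly and cannot be built is better treated as a configure failure, for example `AC_MSG_ERROR(--enable-pf-transparent requires net/pfvar.h)` in the `else` branch. If the soft failure is kept to match the netfilter check this was copied from, `AC_MSG_WARN` would at least report it through the usual configure channel.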
/*
- * $Id: client_side.cc,v 1.571 2002/04/13 14:16:04 hno Exp $
+ * $Id: client_side.cc,v 1.572 2002/04/13 15:30:10 hno Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
#endif
#endif
+#if PF_TRANSPARENT
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <sys/fcntl.h>
+#include <net/if.h>
+#include <netinet/in.h>
+#include <net/pfvar.h>
+#endif
+
#if LINUX_NETFILTER
#include <linux/netfilter_ipv4.h>
#endif
static int siocgnatl_cmd = SIOCGNATL & 0xff;
int x;
#endif
+#if PF_TRANSPARENT
+ struct pfioc_natlook nl;
+ static int pffd = -1;
+#endif
#if LINUX_NETFILTER
size_t sock_sz = sizeof(conn->me);
#endif
inet_ntoa(natLookup.nl_realip),
vport, url);
}
+#elif PF_TRANSPARENT
+ if (pffd < 0)
+ pffd = open("/dev/pf", O_RDWR);
+ if (pffd < 0) {
+ debug(50, 1) ("parseHttpRequest: PF open failed: %s\n",
+ xstrerror());
+ return parseHttpRequestAbort(conn, "error:pf-open-failed");
+ }
+ memset(&nl, 0, sizeof(struct pfioc_natlook));
+ nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr;
+ nl.sport = http->conn->peer.sin_port;
+ nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr;
+ nl.dport = http->conn->me.sin_port;
+ nl.af = AF_INET;
+ nl.proto = IPPROTO_TCP;
+ nl.direction = PF_OUT;
+ if (ioctl(pffd, DIOCNATLOOK, &nl)) {
+ if (errno != ENOENT) {
+ debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n");
+ close(pffd);
+ pffd = -1;
+ return parseHttpRequestAbort(conn, "error:pf-lookup-failed");
+ } else
+ snprintf(http->uri, url_sz, "http://%s:%d%s",
+ inet_ntoa(http->conn->me.sin_addr),
+ vport, url);
+ } else
+ snprintf(http->uri, url_sz, "http://%s:%d%s",
+ inet_ntoa(nl.rdaddr.v4),
+ ntohs(nl.rdport), url);
#else
#if LINUX_NETFILTER
/* If the call fails the address structure will be unchanged */
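Review bot: `open("/dev/pf", O_RDWR)` requests write access to the packet-filter control device, and the descriptor is then cached in the function-static `pffd` for the life of the process without close-on-exec, so it is presumably inherited by any helper programs the process executes. The code only issues `DIOCNATLOOK`, which is a lookup; if the targeted pf versions accept that ioctl on a read-only descriptor, `pffd = open("/dev/pf", O_RDONLY);` followed by `fcntl(pffd, F_SETFD, FD_CLOEXEC);` limits the handle to what the lookup needs. Separately, the `DIOCNATLOOK` failure message omits the errno text that the open-failure message includes through `xstrerror()`; appending `: %s` with `xstrerror()` would make lookup failures diagnosable from the log. The enclosing function begins and ends outside this hunk, and `pffd` is declared in an earlier hunk.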