From: Amos Jeffries Date: Tue, 1 Apr 2008 11:13:48 +0000 (+1200) Subject: Convert some old-TPROXY code in forward.cc not previously done. X-Git-Tag: BASIC_TPROXY4~6 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9d45c7861a416168d22e513f8500ec1a02e94c41;p=thirdparty%2Fsquid.git Convert some old-TPROXY code in forward.cc not previously done. --- diff --git a/src/cache_cf.cc b/src/cache_cf.cc index 37e1c31fe0..d05034d035 100644 --- a/src/cache_cf.cc +++ b/src/cache_cf.cc @@ -2931,7 +2931,6 @@ parse_http_port_option(http_port_list * s, char *token) } else if (strcmp(token, "tproxy") == 0) { s->tproxy = 1; - s->transparent = 1; need_linux_tproxy = 1; #if USE_IPV6 /* INET6: until transparent REDIRECT works on IPv6 SOCKET, force wildcard to IPv4 */ diff --git a/src/client_side.cc b/src/client_side.cc index 5cb617f5d9..2914df089f 100644 --- a/src/client_side.cc +++ b/src/client_side.cc @@ -2712,7 +2712,6 @@ okToAccept() } ConnStateData * - connStateCreate(const IPAddress &peer, const IPAddress &me, int fd, http_port_list *port) { ConnStateData *result = new ConnStateData; @@ -2724,9 +2723,12 @@ connStateCreate(const IPAddress &peer, const IPAddress &me, int fd, http_port_li result->in.buf = (char *)memAllocBuf(CLIENT_REQ_BUF_SZ, &result->in.allocatedSize); result->port = cbdataReference(port); - if (port->transparent) +#if LINUX_TPROXY4 + if(port->transparent || port->tproxy) +#else + if(port->transparent) +#endif { - IPAddress dst; if (clientNatLookup(fd, me, peer, dst) == 0) { @@ -3120,8 +3122,8 @@ clientHttpConnectionsOpen(void) #if LINUX_TPROXY4 /* because the transparent/non-transparent port info is only known here. * we have to set the IP_TRANSPARENT option here. */ - if(s->transparent) - comm_set_transparent(fd,0); + if(s->tproxy) + comm_set_transparent(fd); #endif comm_listen(fd); diff --git a/src/comm.cc b/src/comm.cc index 5d88c9abec..4de15926e9 100644 --- a/src/comm.cc +++ b/src/comm.cc @@ -1328,7 +1328,7 @@ comm_old_accept(int fd, ConnectionDetail &details) #if LINUX_TPROXY4 /* AYJ: do we need to set this again on every accept? */ if(fd_table[fd].flags.transparent == 1) { - comm_set_transparent(sock, 0); + comm_set_transparent(sock); F->flags.transparent = 1; } #endif diff --git a/src/comm.h b/src/comm.h index eab69615ac..f3068cfb06 100644 --- a/src/comm.h +++ b/src/comm.h @@ -59,7 +59,7 @@ SQUIDCEXTERN int comm_set_tos(int fd, int tos); /** * Set the socket IP_TRANSPARENT option for Linux TPROXY v4 support. */ -SQUIDCEXTERN void comm_set_transparent(int fd, int tos); +SQUIDCEXTERN void comm_set_transparent(int fd); SQUIDCEXTERN void commSetSelect(int, unsigned int, PF *, void *, time_t); SQUIDCEXTERN void commResetSelect(int); diff --git a/src/forward.cc b/src/forward.cc index 2c01441062..6a6bf5809d 100644 --- a/src/forward.cc +++ b/src/forward.cc @@ -270,7 +270,7 @@ FwdState::fwdStart(int client_fd, StoreEntry *entry, HttpRequest *request) default: FwdState::Pointer fwd = new FwdState(client_fd, entry, request); -#if LINUX_TPROXY +#if LINUX_TPROXY2 || LINUX_TPROXY4 /* If we need to transparently proxy the request * then we need the client source protocol, address and port */ fwd->src = request->client_addr; @@ -775,7 +775,7 @@ FwdState::connectStart() const char *domain = NULL; int ctimeout; int ftimeout = Config.Timeout.forward - (squid_curtime - start_t); -#if LINUX_TPROXY +#if LINUX_TPROXY2 struct in_tproxy itp; #endif @@ -802,7 +802,7 @@ FwdState::connectStart() ctimeout = Config.Timeout.connect; } -#if LINUX_TPROXY +#if LINUX_TPROXY2 || LINUX_TPROXY4 if (request->flags.tproxy) client_addr = request->client_addr; @@ -888,9 +888,14 @@ FwdState::connectStart() if (fs->_peer) { hierarchyNote(&request->hier, fs->code, fs->_peer->host); } else { -#if LINUX_TPROXY +#if LINUX_TPROXY2 || LINUX_TPROXY4 if (request->flags.tproxy) { + +#if LINUX_TPROXY4 + comm_set_transparent(fd); + +#elif LINUX_TPROXY2 IPAddress addr; src.GetInAddr(itp.v.addr.faddr); @@ -918,6 +923,7 @@ FwdState::connectStart() request->flags.tproxy = 0; } } +#endif } #endif