From: Francesco Chemolli <kinkie@squid-cache.org>
Date: Fri, 23 Apr 2010 15:03:01 +0000 (+0200)
Subject: Fixed buglet in the interaction between tproxy and netfilter options.
X-Git-Tag: SQUID_3_2_0_1~271^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a5eb37311d816d02a5b1a1856ecb7e3f7747811c;p=thirdparty%2Fsquid.git

Fixed buglet in the interaction between tproxy and netfilter options.
---

diff --git a/configure.in b/configure.in
index 1a574237aa..c7587c45a8 100644
--- a/configure.in
+++ b/configure.in
@@ -1398,17 +1398,12 @@ default|"")
 esac
 
 dnl Enable Linux transparent proxy support for obsolete TPROXY
-AH_TEMPLATE(LINUX_TPROXY2,[Enable real Transparent Proxy support for Netfilter TPROXY v2])
-squid_opt_linux_tproxy2="no"
 AC_ARG_ENABLE(linux-tproxy,
   AS_HELP_STRING([--enable-linux-tproxy],
-    [Enable real Transparent Proxy support for Netfilter TPROXY (version 2).]), [
-  if test "$enableval" = "yes" ; then
-    squid_opt_linux_tproxy2="yes"
-    AC_MSG_NOTICE([Linux Transparent Proxy (TPROXY) requested])
-  fi
+    [Enable real Transparent Proxy support for Netfilter TPROXY (v2)]), [
   #AC_DEFINE will be handled later
 ])
+AC_MSG_NOTICE([Linux TPROXY v2 support requested: ${enable_linux_tproxy:=yes}])
 
 dnl Enable Leak Finding Functions
 squid_opt_enable_leakfinder=no
@@ -3200,9 +3195,8 @@ if test "$enable_linux_netfilter" != "no" ; then
     fi
   fi
 fi
-AC_MSG_NOTICE([Linux Netfilter support enabled: $enable_linux_netfilter])
-SQUID_DEFINE_UNQUOTED([LINUX_NETFILTER],$enable_linux_netfilter,
-  [Enable support for Transparent Proxy on Linux via Netfilter])
+#notice and define for LINUX_NETFILTER must be delayed as TPROXY
+# may have something to say about it
 
 dnl Netfilter TPROXY depends on libcap but the NAT parts can still work.
 AC_MSG_NOTICE([Support for Netfilter-based interception proxy requested: $enable_linux_netfilter])
@@ -3210,20 +3204,19 @@ if test "$enable_linux_netfilter" = "yes" && test "$use_libcap" != "yes" ; then
     AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for TPROXY])
     AC_MSG_WARN([Linux Transparent Proxy support WILL NOT be enabled])
     AC_MSG_WARN([Reduced support to Interception Proxy])
-    squid_opt_linux_tproxy2="no"
+    enable_linux_tproxy="no"
     # AC_DEFINE'd later
 fi
 
 # Linux Netfilter/TPROXYv2 support requires some specific header files and
 # support infrastructure (netfilter and libcap)
-AC_MSG_NOTICE([Support for Linux TPROXY v2 transparent proxy requested: $squid_opt_linux_tproxy2])
-if test "$squid_opt_linux_tproxy2" = "yes" -a "$use_libcap" != "yes" ; then
+if test "$enable_linux_tproxy" = "yes" -a "$use_libcap" != "yes" ; then
   AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for TPROXY])
   AC_MSG_WARN([Disabling Linux TPROXY v2 support])
   AC_MSG_WARN([Interception proxy will still work])
-  squid_opt_linux_tproxy2="no"
+  enable_linux_tproxy="no"
 fi
-if test "$squid_opt_linux_tproxy2" = "yes" ; then
+if test "$enable_linux_tproxy" = "yes" ; then
   # we already checked that $use_libcap2=yes 
   if test "$enable_linux_netfilter" = "no" ; then
     enable_linux_netfilter="yes"
@@ -3231,27 +3224,27 @@ if test "$squid_opt_linux_tproxy2" = "yes" ; then
   fi
   AC_MSG_CHECKING([if TPROXYv2 header files are installed])
   if test "$ac_cv_header_linux_netfilter_ipv4_ip_tproxy_h" != "yes" ; then
-    squid_opt_linux_tproxy2="no"
+    enable_linux_tproxy="no"
     dnl need to output before next lines
-    AC_MSG_RESULT($squid_opt_linux_tproxy2)
+    AC_MSG_RESULT($enable_linux_tproxy)
     AC_MSG_WARN([Cannot find TPROXY v2 headers, you need to patch the kernel with ])
     AC_MSG_WARN([tproxy package from: http://www.balabit.com/downloads/files/tproxy/])
     AC_MSG_WARN([or use '--enable-linux-netfilter' option instead for Netfilter support.])
   else
-    AC_MSG_RESULT($squid_opt_linux_tproxy2)
+    AC_MSG_RESULT($enable_linux_tproxy)
   fi
 fi
 
-dnl at the end of it all..
-if test "$squid_opt_linux_tproxy2" = "yes" ; then
-  AC_DEFINE(LINUX_TPROXY2, 1)
-else
-  AC_DEFINE(LINUX_TPROXY2, 0)
-fi
+AC_MSG_NOTICE([Linux Netfilter support enabled: $enable_linux_netfilter])
+SQUID_DEFINE_UNQUOTED([LINUX_NETFILTER],$enable_linux_netfilter,
+  [Enable support for Transparent Proxy on Linux via Netfilter])
+SQUID_DEFINE_UNQUOTED(LINUX_TPROXY2,$enable_linux_tproxy,
+    [Enable real Transparent Proxy support for Netfilter TPROXY v2])
 
 
 AC_ARG_ENABLE(gnuregex,
-  AS_HELP_STRING([--enable-gnuregex],[Compile GNUregex.  Unless you have reason to use 
+  AS_HELP_STRING([--enable-gnuregex],
+                 [Compile GNUregex.  Unless you have reason to use 
                  this option, you should not enable it.
                  This library file is usually only required on Windows and 
                  very old Unix boxes which do not have their own regex