From: Amos Jeffries Date: Mon, 7 Apr 2008 10:30:11 +0000 (+1200) Subject: Move IP_TRANSPARENT setting into comm_openex(...) X-Git-Tag: BASIC_TPROXY4~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c303f6e3c5fbbc11b6ab176aced7463ed0ae5a6c;p=thirdparty%2Fsquid.git Move IP_TRANSPARENT setting into comm_openex(...) Author: Laszlo Attilla Toth Adds flag COMM_TRANSPARENT which must be passed to comm_openex() for transparent ports. --- diff --git a/src/client_side.cc b/src/client_side.cc index e61c745c68..0c247a2918 100644 --- a/src/client_side.cc +++ b/src/client_side.cc @@ -2735,7 +2735,7 @@ connStateCreate(const IPAddress &peer, const IPAddress &me, int fd, http_port_li IPAddress dst; if (clientNatLookup(fd, me, peer, dst) == 0) { - result-> me = dst; /* XXX This should be moved to another field */ + result->me = dst; /* XXX This should be moved to another field */ result->transparent(true); } } @@ -3113,22 +3113,22 @@ clientHttpConnectionsOpen(void) #endif enter_suid(); - fd = comm_open(SOCK_STREAM, - IPPROTO_TCP, - s->s, - COMM_NONBLOCKING, "HTTP Socket"); + +#if LINUX_TPROXY4 + if(s->tproxy) { + fd = comm_openex(SOCK_STREAM, IPPROTO_TCP, s->s, (COMM_NONBLOCKING|COMM_TRANSPARENT), 0, "HTTP Socket"); + } + else +#endif + { + fd = comm_open(SOCK_STREAM, IPPROTO_TCP, s->s, COMM_NONBLOCKING, "HTTP Socket"); + } + leave_suid(); if (fd < 0) continue; -#if LINUX_TPROXY4 - /* because the transparent/non-transparent port info is only known here. - * we have to set the IP_TRANSPARENT option here. */ - if(s->tproxy) - comm_set_transparent(fd); -#endif - comm_listen(fd); comm_accept(fd, httpAccept, s); diff --git a/src/comm.cc b/src/comm.cc index 5f4ca13d05..a3c4a274f8 100644 --- a/src/comm.cc +++ b/src/comm.cc @@ -670,7 +670,6 @@ comm_openex(int sock_type, addr.GetAddrInfo(AI); AI->ai_socktype = sock_type; AI->ai_protocol = proto; - AI->ai_flags = flags; debugs(50, 3, "comm_openex: Attempt open socket for: " << addr ); @@ -771,6 +770,13 @@ comm_openex(int sock_type, PROF_stop(comm_open); } +#if LINUX_TPROXY4 + if((flags & COMM_TRANSPARENT)) { + comm_set_transparent(new_socket); + F->flags.transparent = 1; + } +#endif + #ifdef TCP_NODELAY if (sock_type == SOCK_STREAM) commSetTcpNoDelay(new_socket); diff --git a/src/defines.h b/src/defines.h index dac189e1c1..f5dcaf8863 100644 --- a/src/defines.h +++ b/src/defines.h @@ -65,6 +65,7 @@ #define COMM_NONBLOCKING 0x01 #define COMM_NOCLOEXEC 0x02 #define COMM_REUSEADDR 0x04 +#define COMM_TRANSPARENT 0x08 #include "Debug.h" #define do_debug(SECTION, LEVEL) ((Debug::level = (LEVEL)) > Debug::Levels[SECTION]) diff --git a/src/forward.cc b/src/forward.cc index 1b773e4055..139188a7ad 100644 --- a/src/forward.cc +++ b/src/forward.cc @@ -845,12 +845,15 @@ FwdState::connectStart() debugs(17, 3, "fwdConnectStart: got outgoing addr " << outgoing << ", tos " << tos); - fd = comm_openex(SOCK_STREAM, - IPPROTO_TCP, - outgoing, - COMM_NONBLOCKING, - tos, - url); +#if LINUX_TPROXY4 + if (request->flags.tproxy) { + fd = comm_openex(SOCK_STREAM, IPPROTO_TCP, outgoing, (COMM_NONBLOCKING|COMM_TRANSPARENT), tos, url); + } + else +#endif + { + fd = comm_openex(SOCK_STREAM, IPPROTO_TCP, outgoing, COMM_NONBLOCKING, tos, url); + } debugs(17, 3, "fwdConnectStart: got TCP FD " << fd); @@ -1262,6 +1265,11 @@ getOutgoingAddr(HttpRequest * request) { ACLChecklist ch; +#if LINUX_TPROXY4 + if (request && request->flags.tproxy) + return request->client_addr; +#endif + if (request) { ch.src_addr = request->client_addr;