CommCalls.h \
DescriptorSet.cc \
DescriptorSet.h \
- IPInterception.cc \
- IPInterception.h \
ICAP/AsyncJob.cc \
ICAP/AsyncJob.h \
SquidConfig.cc \
## client_db wants SNMP_SOURCE
## snmp_core wants ACLStringData
## SwapDir wants ConfigOption
+## tools.cc wants libip.la
+## client_side.cc wants libip.la
ufsdump_SOURCES = \
debug.cc \
int.cc \
peer_sourcehash.cc \
peer_userhash.cc \
protos.h \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
-L../lib \
@XTRA_OBJS@ \
@REPL_OBJS@ \
peer_select.cc \
peer_sourcehash.cc \
peer_userhash.cc \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
@REPL_OBJS@ \
${ADAPTATION_LIBS} \
@REGEXLIB@ \
peer_select.cc \
peer_sourcehash.cc \
peer_userhash.cc \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
@REPL_OBJS@ \
${ADAPTATION_LIBS} \
@REGEXLIB@ \
peer_select.cc \
peer_sourcehash.cc \
peer_userhash.cc \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
@REPL_OBJS@ \
${ADAPTATION_LIBS} \
@REGEXLIB@ \
peer_sourcehash.cc \
peer_userhash.cc \
pconn.cc \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
@REPL_OBJS@ \
@STORE_OBJS@ \
${ADAPTATION_LIBS} \
peer_select.cc \
peer_sourcehash.cc \
peer_userhash.cc \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
@REPL_OBJS@ \
${ADAPTATION_LIBS} \
@REGEXLIB@ \
peer_select.cc \
peer_sourcehash.cc \
peer_userhash.cc \
- ip/stubQosConfig.cc \
redirect.cc \
referer.cc \
refresh.cc \
libsquid.la \
libauth.la \
icmp/libicmp.la icmp/libicmp-core.la \
+ ip/libip.la \
@REGEXLIB@ \
@REPL_OBJS@ \
${ADAPTATION_LIBS} \
#include "Parsing.h"
#include "MemBuf.h"
#include "wordlist.h"
-#include "IPInterception.h"
+#include "ip/IpIntercept.h"
#if HAVE_GLOB_H
#include <glob.h>
} else if (strcmp(token, "transparent") == 0 || strcmp(token, "intercept") == 0) {
s->intercepted = 1;
- IPInterceptor.StartInterception();
+ IpInterceptor.StartInterception();
/* Log information regarding the port modes under interception. */
debugs(3, DBG_IMPORTANT, "Starting Authentication on port " << s->s);
debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (interception enabled)");
self_destruct();
}
s->spoof_client_ip = 1;
- IPInterceptor.StartTransparency();
+ IpInterceptor.StartTransparency();
/* Log information regarding the port modes under transparency. */
debugs(3, DBG_IMPORTANT, "Starting IP Spoofing on port " << s->s);
debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (Ip spoofing enabled)");
* data flow.
*/
-#include "config.h"
#include "squid.h"
#include "client_side.h"
#include "clientStream.h"
#include "ProtoPort.h"
-#include "IPInterception.h"
#include "AuthUserRequest.h"
#include "Store.h"
#include "comm.h"
#include "HttpReply.h"
#include "HttpRequest.h"
#include "ident.h"
+#include "ip/IpIntercept.h"
#include "MemObject.h"
#include "fde.h"
#include "client_side_request.h"
* If transparent or interception mode is working clone the transparent and interception flags
* from the port settings to the request.
*/
- if (IPInterceptor.InterceptActive()) {
+ if (IpInterceptor.InterceptActive()) {
request->flags.intercepted = http->flags.intercepted;
}
- if (IPInterceptor.TransparentActive()) {
+ if (IpInterceptor.TransparentActive()) {
request->flags.spoof_client_ip = conn->port->spoof_client_ip;
}
if (port->intercepted || port->spoof_client_ip) {
IPAddress client, dst;
- if (IPInterceptor.NatLookup(fd, me, peer, client, dst) == 0) {
+ if (IpInterceptor.NatLookup(fd, me, peer, client, dst) == 0) {
result->me = client;
result->peer = dst;
result->transparent(true);
#include "SquidTime.h"
#include "CommCalls.h"
#include "IPAddress.h"
-#include "IPInterception.h"
#include "DescriptorSet.h"
#include "icmp/net_db.h"
+#include "ip/IpIntercept.h"
#if defined(_SQUID_CYGWIN_)
#include <sys/ioctl.h>
-
/*
- * $Id: forward.cc,v 1.175 2008/02/11 22:26:39 rousskov Exp $
- *
* DEBUG: section 17 Request Forwarding
* AUTHOR: Duane Wessels
*
#include "SquidTime.h"
#include "Store.h"
#include "icmp/net_db.h"
-#include "IPInterception.h"
+#include "ip/IpIntercept.h"
static PSC fwdStartCompleteWrapper;
static PF fwdServerClosedWrapper;
* then we need the client source protocol, address and port */
if (request->flags.spoof_client_ip) {
fwd->src = request->client_addr;
- // AYJ: do we need to pass on the transparent flag also?
}
fwd->start(fwd);
if (!fs->_peer && request->flags.spoof_client_ip) {
// try to set the outgoing address using TPROXY v2
// if it fails we abort any further TPROXY actions on this connection
- if (IPInterceptor.SetTproxy2OutgoingAddr(int fd, const IPAddress &src) == -1) {
+ if (IpInterceptor.SetTproxy2OutgoingAddr(int fd, const IPAddress &src) == -1) {
request->flags.spoof_client_ip = 0;
}
}
/*
- * $Id: IPInterception.cc,v 1.20 2008/02/05 22:38:24 amosjeffries Exp $
- *
* DEBUG: section 89 NAT / IP Interception
* AUTHOR: Robert Collins
* AUTHOR: Amos Jeffries
*
*/
#include "config.h"
-#include "IPInterception.h"
+#include "IpIntercept.h"
#include "fde.h"
-#if 0
-#include "squid.h"
-#include "clientStream.h"
-#endif
-
#if IPF_TRANSPARENT
#if HAVE_SYS_IOCTL_H
// single global instance for access by other components.
-IPIntercept IPInterceptor;
+IpIntercept IpInterceptor;
void
-IPIntercept::StopTransparency(const char *str)
+IpIntercept::StopTransparency(const char *str)
{
if (transparent_active) {
debugs(89, DBG_IMPORTANT, "Stopping full transparency: " << str);
}
void
-IPIntercept::StopInterception(const char *str)
+IpIntercept::StopInterception(const char *str)
{
if (intercept_active) {
debugs(89, DBG_IMPORTANT, "Stopping IP interception: " << str);
}
int
-IPIntercept::NetfilterInterception(int fd, const IPAddress &me, IPAddress &dst, int silent)
+IpIntercept::NetfilterInterception(int fd, const IPAddress &me, IPAddress &dst, int silent)
{
#if LINUX_NETFILTER
struct addrinfo *lookup = NULL;
}
int
-IPIntercept::NetfilterTransparent(int fd, const IPAddress &me, IPAddress &client, int silent)
+IpIntercept::NetfilterTransparent(int fd, const IPAddress &me, IPAddress &client, int silent)
{
#if LINUX_NETFILTER
}
int
-IPIntercept::IPFWInterception(int fd, const IPAddress &me, IPAddress &dst, int silent)
+IpIntercept::IpfwInterception(int fd, const IPAddress &me, IPAddress &dst, int silent)
{
#if IPFW_TRANSPARENT
struct addrinfo *lookup = NULL;
}
int
-IPIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &client, IPAddress &dst)
+IpIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &client, IPAddress &dst)
{
#if IPF_TRANSPARENT /* --enable-ipf-transparent */
client = me;
if (intercept_active) {
if ( NetfilterInterception(fd, me, client, silent) == 0) return 0;
- if ( IPFWInterception(fd, me, client, silent) == 0) return 0;
+ if ( IpfwInterception(fd, me, client, silent) == 0) return 0;
}
if (transparent_active) {
if ( NetfilterTransparent(fd, me, dst, silent) == 0) return 0;
}
#if LINUX_TPROXY2
-IPIntercept::SetTproxy2OutgoingAddr(int fd, const IPAddress &src)
+IpIntercept::SetTproxy2OutgoingAddr(int fd, const IPAddress &src)
{
IPAddress addr;
struct in_tproxy itp;
/*
- * $Id: IPInterception.h,v 1.7 2007/12/14 23:11:45 amosjeffries Exp $
- *
* DEBUG: section 89 NAT / IP Interception
* AUTHOR: Robert Collins
* AUTHOR: Amos Jeffries
#include "SquidTime.h"
/**
- \defgroup IPInterceptAPI IP Interception and Transparent Proxy API
+ \defgroup IpInterceptAPI IP Interception and Transparent Proxy API
\ingroup SquidComponent
\par
* There is no formal state-machine for transparency and interception
* instead there is this neutral API which other connection state machines
* and the comm layer use to co-ordinate their own state for transparency.
*/
-class IPIntercept
+class IpIntercept
{
public:
- IPIntercept() : transparent_active(0), intercept_active(0), last_reported(0) {};
- ~IPIntercept() {};
+ IpIntercept() : transparent_active(0), intercept_active(0), last_reported(0) {};
+ ~IpIntercept() {};
/** Perform NAT lookups */
int NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &client, IPAddress &dst);
\retval 0 Successfuly located the new address.
\retval -1 An error occured during NAT lookups.
*/
- int IPFWInterception(int fd, const IPAddress &me, IPAddress &client, int silent);
+ int IpfwInterception(int fd, const IPAddress &me, IPAddress &client, int silent);
int transparent_active;
};
#if LINUX_NETFILTER && !defined(IP_TRANSPARENT)
-/// \ingroup IPInterceptAPI
+/// \ingroup IpInterceptAPI
#define IP_TRANSPARENT 19
#endif
/**
- \ingroup IPInterceptAPI
+ \ingroup IpInterceptAPI
* Globally available instance of the IP Interception manager.
*/
-extern IPIntercept IPInterceptor;
+extern IpIntercept IpInterceptor;
#endif /* SQUID_IPINTERCEPTION_H */
noinst_LTLIBRARIES = libip.la
libip_la_SOURCES = \
+ IpIntercept.h \
+ IpIntercept.cc \
QosConfig.h \
QosConfig.cc
## Special Universal .h dependency test script
## aborts if error encountered
-testHeaders: $(top_srcdir)/src/icmp/*.h
- $(SHELL) $(top_srcdir)/test-suite/testheaders.sh "$(CXXCOMPILE)" "$(top_srcdir)/src/icmp/" || exit 1
+testHeaders: $(top_srcdir)/src/ip/*.h
+ $(SHELL) $(top_srcdir)/test-suite/testheaders.sh "$(CXXCOMPILE)" "$(top_srcdir)/src/ip/" || exit 1
## No such file...
testHeaders.c:
#include "MemBuf.h"
#include "wordlist.h"
#include "SquidTime.h"
-#include "IPInterception.h"
+#include "ip/IpIntercept.h"
#ifdef _SQUID_LINUX_
#if HAVE_SYS_CAPABILITY_H
#if HAVE_PRCTL && defined(PR_SET_KEEPCAPS) && HAVE_SYS_CAPABILITY_H
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
- IPInterceptor.StopTransparency("capability setting has failed.");
+ IpInterceptor.StopTransparency("capability setting has failed.");
}
#endif
}
cap->inheritable = 0;
cap->effective = (1 << CAP_NET_BIND_SERVICE);
- if (IPInterceptor.TransparentActive()) {
+ if (IpInterceptor.TransparentActive()) {
cap->effective |= (1 << CAP_NET_ADMIN);
#if LINUX_TPROXY2
cap->effective |= (1 << CAP_NET_BROADCAST);
cap->permitted &= cap->effective;
if (capset(head, cap) != 0) {
- IPInterceptor.StopTransparency("Error enabling needed capabilities.");
+ IpInterceptor.StopTransparency("Error enabling needed capabilities.");
}
}
xfree(cap);
#else
- IPInterceptor.StopTransparency("Missing needed capability support.");
+ IpInterceptor.StopTransparency("Missing needed capability support.");
#endif /* HAVE_SYS_CAPABILITY_H */
#endif /* !defined(_SQUID_LINUX_) */
*
*/
-#include "squid.h"
+#include "config.h"
#include "StoreMeta.h"
#include "StoreMetaUnpacker.h"
#include "Store.h"
projects / thirdparty / squid.git / commitdiff
