On Wed, Dec 17, 2008 at 3:33 PM, Graham Leggett <[email protected]> wrote: > Pranav Desai wrote: > >> I am trying to add tproxy4 >> (http://www.balabit.com/support/community/products/tproxy/) support to >> the mod_proxy to achieve transparency. It basically involves a kernel >> patch which allows binding of a socket to foreign address among other >> things. At the app layer we only need to set the setsockopt() >> >> Here is what I am thinking of doing and I would like your input as to >> whether this is the right approach. >> >> * Modify ap_proxy_connect_backend() to just create the connection. >> Basically, remove the apr_socket_connect() part. >> * Add a new proxy_run_pre_connection hook. >> * Add the tproxy specific code in a module hooked in the above hook. >> Just needs a setsockopt() and the client IP to bind the socket to. >> * And then do the connect. >> >> Is this is an overkill? Should this be done simply by modifying the >> ap_proxy_connect_backend() ? > > In theory, if it does boil down to just a single additional setsockopt(), > then adding a directive to mod_proxy_connect should do the trick. >
Yeah, the application changes are restricted to a few lines. I believe you mean the connect_backend() and not the proxy_connect module for the CONNECT method ? > It does sound like overkill to effectively come up with a whole new module. > > Regards, > Graham > -- >
