Hi,

attached patch changes "redirector" lines
        http://g.idnes.cz/js/ad/vylohy.js 127.0.0.1/localhost - GET
->
        http://g.idnes.cz/js/ad/vylohy.js 127.0.0.1:42423/localhost - GET

to be able to track the specific client requests. Just an IP address is
sometimes not enough in the current world of "PnP" clients where the servers
adapt to the fixed IP configuration of the client (as the client is not
expected to be able to reconfigure her host). In such a world there may exist
multiple clients with the same IP on multiple VLANs (identified by VIP) and
unique client identification can be done just by the client's ARP.

Attached "redirector-track-arp_vid.pmfrag" also shows how to get the client's
ARP + VID (VLAN ID - the number 5 in the case of Linux kernel "eth1.5" VLAN).

I am not going to start Squid development; I would like to discuss if this
trivial patch can get somehow imported as it breaks the compatibility with the
currently existing "redirector" implementations.


Regards,
Lace
diff -ru squid-2.5.STABLE6-orig/src/redirect.c squid-2.5.STABLE6/src/redirect.c
--- squid-2.5.STABLE6-orig/src/redirect.c       2003-12-14 14:40:47.000000000 +0100
+++ squid-2.5.STABLE6/src/redirect.c    2004-10-20 18:05:11.694695554 +0200
@@ -122,9 +122,10 @@
     cbdataLock(r->data);
     if ((fqdn = fqdncache_gethostbyaddr(r->client_addr, 0)) == NULL)
        fqdn = dash_str;
-    snprintf(buf, 8192, "%s %s/%s %s %s\n",
+    snprintf(buf, 8192, "%s %s:%u/%s %s %s\n",
        r->orig_url,
        inet_ntoa(r->client_addr),
+       (unsigned)ntohs(conn->peer.sin_port),
        fqdn,
        r->client_ident[0] ? rfc1738_escape(r->client_ident) : dash_str,
        r->method_s);
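Review bot: the added argument `(unsigned)ntohs(conn->peer.sin_port)` reads the port from `conn`, while the address and ident next to it come from `r` (`r->client_addr`, `r->client_ident`); nothing visible in this hunk declares or checks `conn`, so confirm it is in scope and still valid at this point, or carry the port on `r` alongside `client_addr` so both values come from the same record. The format change from `%s/%s` to `%s:%u/%s` is also unconditional, so every existing redirector sees a different input line; putting it behind a configuration option and documenting the new `ip:port/fqdn` field would keep stock helpers working.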
# URL ip-address:port/fqdn ident method
# http://g.idnes.cz/js/ad/vylohy.js 127.0.0.1:42423/localhost - GET
do { $_=$error; next; } if !(my($url,$client_hostip,$client_port,$method)=m#^\s*(.+?)\s+([\d.]+)(?::(\d+))\S*\s+\S+\s+(\S+)\s*$#s);
do { $_=$error; next; } if !(my($client_arp,$client_vid)=My::HotelKeeper->client_arp_vid($client_hostip,$client_port,$C->{"proxy_hostip"},$C->{"proxy_port"}));


sub client_arp_vid($$$$$)
{
my($self,$client_hostip,$client_port,$server_hostip,$server_port)=@_;

        # Look up the conntrack entry of this client->proxy TCP connection to get its mark:
        # tcp      6 428476 ESTABLISHED src=192.168.192.1 dst=192.168.192.50 sport=36440 dport=22 packets=1718 bytes=98100 src=192.168.192.50 dst=192.168.192.1 sport=22 dport=36440 packets=1522 bytes=132767 [ASSURED] use=1 mark=0
        local *CONNTRACK;
        open CONNTRACK,$CONNTRACK_PATHNAME or confess "open \"$CONNTRACK_PATHNAME\": $!";
        my $conntrack=do { local $/=undef(); <CONNTRACK>; };
        close CONNTRACK or confess "close \"$CONNTRACK_PATHNAME\": $!";
        my $mark=($conntrack=~/^tcp\b.* \Qsrc=$client_hostip dst=$server_hostip sport=$client_port dport=$server_port\E .* mark=(\d+)/m)[0];
#       return if !$mark;
        $mark=qr/\d+/ if !defined $mark;        # for non-FORWARDed (local) connections
        # Find the ARP table row for the client IP on the VLAN device whose number equals the mark:
        # IP address       HW type     Flags       HW address            Mask     Device
        # 192.168.2.254    0x1         0x2         00:08:74:3F:FB:1B     *        eth1.2
        local *ARP;
        open ARP,$ARP_PATHNAME or confess "open \"$ARP_PATHNAME\": $!";
        my $arp_file=do { local $/=undef(); <ARP>; };
        close ARP or confess "close \"$ARP_PATHNAME\": $!";
        my($arp,$vid)=($arp_file=~/^\Q$client_hostip\E\s+\S+\s+\S+\s+((?:[[:xdigit:]]{2}:){5}[[:xdigit:]]{2})\s+\S+\s+eth\d+[.]($mark)$/m);
        return if !$arp || !defined $vid;
        return($arp,$vid);
}
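
The compatibility concern raised in the message, as an added example that is not part of the original post or of Squid: a redirector-side parser that accepts both the stock `ip/fqdn` field and the patched `ip:port/fqdn` field and rejects anything else. The function name `parse_redirector_line` and the third sample line are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Parse one redirector input line in either form:
#   URL ip/fqdn ident method          (stock Squid 2.5)
#   URL ip:port/fqdn ident method     (with the patch from the post)
# Returns a hash ref, or undef when the line is malformed or a field is
# out of range, so the caller can fail closed instead of guessing a client.
sub parse_redirector_line {
    my ($line) = @_;
    return unless defined $line;
    my ($url, $ip, $port, $fqdn, $ident, $method) = $line =~ m{
        \A\s*(\S+)                      # URL
        \s+(\d{1,3}(?:\.\d{1,3}){3})    # client IPv4 address
        (?::(\d{1,5}))?                 # optional :port, patched Squid only
        /(\S+)                          # fqdn or "-"
        \s+(\S+)                        # ident or "-"
        \s+(\S+)\s*\z                   # method
    }x or return;
    return if grep { $_ > 255 } split /\./, $ip;
    return if defined $port && ($port < 1 || $port > 65535);
    return { url => $url, ip => $ip, port => $port,
             fqdn => $fqdn, ident => $ident, method => $method };
}

# The two sample lines from the post plus one constructed malformed line.
for my $line (
    "http://g.idnes.cz/js/ad/vylohy.js 127.0.0.1/localhost - GET",
    "http://g.idnes.cz/js/ad/vylohy.js 127.0.0.1:42423/localhost - GET",
    "http://g.idnes.cz/js/ad/vylohy.js 127.0.0.1:99999/localhost - GET",
) {
    my $r = parse_redirector_line($line);
    if (!$r) { print "rejected: $line\n"; next; }
    printf "ip=%s port=%s method=%s\n",
        $r->{ip}, defined $r->{port} ? $r->{port} : "(none)", $r->{method};
}
```

When `port` is undefined the helper is talking to an unpatched Squid and has no source port for the conntrack lookup, so per-client ARP/VID identification is not available for that request.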
