G'day, I'm looking at Gonzalo's Squid-2 + TPROXY-4 patch in bugzilla (1581) and it doesn't seem all that difficult to integrate TPROXY-4 support. It won't make it in time for 2.7 (whenever that last outstanding bug is fixed) but I'd like to make it in for 2.8.
There are a few core things to integrate: * the logic which tracks the "tproxy" connection status, including the pconn popping, etc; and * the actual hack required to do the non-local bind(); and finally * the setup stuff - the capabilities dance for tproxy-2; whatever we decide in FreeBSD to grant a process "permission" to do non-local binds. I'll break out the "source spoofing" into seperate files, one per "option", and I may get around to doing that for the ip interception logic too to keep things clean. Comments? Adrian -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
