On Mon, 10 May 2010 22:49:03 +0200, Henrik Nordström <[email protected]> wrote: > mån 2010-05-10 klockan 18:13 +0200 skrev Kinkie: >> >> revno: 10425 >> >> committer: Francesco Chemolli <[email protected]> >> >> branch nick: trunk >> >> timestamp: Sun 2010-04-25 23:40:51 +0200 >> >> message: >> >> Interim merge from autoconf-refactor feature-branch. >> > >> > Kinkie, could you please check that netfilter-based interception >> > proxies >> > are still supported? >> >> Will do ASAP (probably tomorrow). > > I have added back the missing define for LINUX_NETFILTER, but this is > the second odd thing in the autoconf refactor merge. Can you please do a > full review of your merge to see if there is anything else that's odd? > >> > It would also be nice to get rid of libcap and TPROXY warnings when the >> > user wants just netfilter-based interception proxy support and is >> > willing to --disable the rest. In Squid v3.1, we now get these >> > irrelevant (for the said configuration) warnings: >> >> I'll check. > > trunk does not even have a configure option for controlling TPROXY. It's > assumed to always be available by configure.in, and disabled in compiled > code based on system header defines.
Huh? TPROXYv2 was. v4 is different. trunk TPROXYv4 is build controlled by the LINUX_NETFILTER present/absent options. Since it's in the netfilter software. At run-time it's tested by a startup probe of the kernel via libsock (always present) and libcap (optional, thus the libcap mention). * libsock to test whether a v6 socket can handle the IP_TRANSPARENT flag and enable/disable the v6 support. * libcap to see if the spoofing privileges are available to enable/disable tproxy entirely. Amos
