On 10/3/2012 12:05 PM, Amos Jeffries wrote:
The Squid bits by me. The latest round of kernel bits by Krisztian
Kovacs on the netfilter-devel mailing list.
Amos
I will start here.
I wrote some code to use TPROXY and I seem to get the hang of it.
Basically I want to filter more than just HTTP and HTTPS, and there is
another layer of filtering.
An HTTP request can be done on port 8080 or 10000 or 55555, but iptables
is not yet built with a low+high level that will peek at the first part
of the packet and determine whether it's an HTTP request that is supposed
to be intercepted into Squid.
So first, are there any existing solutions to identify HTTP traffic and
then decide whether to send it into Squid?
The only option I had in mind is to write some small proxy that will
inspect connection headers and allow or deny them.
I was more than happy to leave what I can to the lower level, closer to
the kernel, but there are things that it was not meant to do.
Second thing: I'm trying to think about the basic logic of my TPROXY server.
There are a couple of things about sockets and TCP that I'm struggling to
understand, or to get back to my TCP learning stage after hearing some
people's opinions.
Since I am pairing two sockets (as a transparent proxy) I need to know
when to send to whom and when to stop/close the "loop".
I must close the connection to the origin in the case the client socket
is closed.
But what do I do, in the sense of TCP as a TPROXY, when the server is in
a half-close state? Just wait for data and send it after?
Another thing was that I saw that I have a situation where the connection
from the server was closed and a select would return me a readable socket
for an unknown reason.
I will be happy to know if you have some knowledge about TPROXY socket
behavior that I should know of.
Thanks,
Eliezer
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer <at> ngtech.co.il
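An added example, not part of this thread or of Squid: the socket-pairing loop the post asks about, showing that a readable socket whose recv() returns b"" is the far side's close (the select() behaviour described above), and that a half-close should be forwarded with shutdown(SHUT_WR) rather than tearing down both directions. It assumes the TPROXY setup itself (IP_TRANSPARENT, iptables rules) is already in place and is left out; socket.socketpair() stands in for the intercepted client and the origin connection.

```python
import select
import socket
import threading

REQUEST = b"GET / HTTP/1.0\r\n\r\n"      # constructed sample traffic
REPLY = b"HTTP/1.0 200 OK\r\n\r\nhi"

def relay(a, b):
    """Pump bytes between two connected sockets until both directions hit EOF.
    recv() returning b"" on a readable socket is the peer's FIN, not an error:
    forward it with shutdown(SHUT_WR) and keep the other direction open."""
    peer, live = {a: b, b: a}, {a, b}          # live: read sides still open
    while live:
        readable, _, _ = select.select(list(live), [], [])
        for s in readable:
            data = s.recv(4096)
            if data:
                peer[s].sendall(data)
                continue
            live.discard(s)                    # half-close in this direction
            try:
                peer[s].shutdown(socket.SHUT_WR)
            except OSError:                    # peer already fully closed
                pass
    a.close()                                  # both directions finished
    b.close()

def drain(sock):
    buf = b""                                  # read until the far side's EOF
    while chunk := sock.recv(4096):
        buf += chunk
    return buf

def demo():
    """Constructed scenario: client half-closes after sending, server replies."""
    client, rc = socket.socketpair()           # rc: relay's client-facing socket
    rs, server = socket.socketpair()           # rs: relay's origin-facing socket
    t = threading.Thread(target=relay, args=(rc, rs))
    t.start()
    client.sendall(REQUEST)
    client.shutdown(socket.SHUT_WR)            # client done sending, still reading
    request = drain(server)                    # server gets data, then EOF
    server.sendall(REPLY)                      # reverse direction still works
    server.close()
    reply = drain(client)
    client.close()
    t.join()
    return request, reply
```

Closing the origin as soon as the client half-closes would lose the reply here; the relay only closes both sockets once each direction has seen its own EOF.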