trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Branchaud <marcn...@xiplink.com>
Subject Re: TProxy/Bridge on FreeBSD
Date Mon, 06 May 2013 15:18:34 GMT
On 13-05-04 07:03 PM, Bruno Ara├║jo wrote:
> Hi,
> 
> How can I use TS as transparent proxy, like squid tproxy, on a FreeBSD bridge QoS?

Our solution is likely to not work for anyone else, but I'll describe it
anyway just in case.

We use a custom (and older) FreeBSD kernel that we've hacked to allow bind()
to spoof IP addresses without privileges.

To get transparent TS in our environment, I taught the build a
--tproxy=nosockopt which enables transparent proxying without trying to
setsockopt(IP_TRANSPARENT).  I can make this patch available if you like.
Conceivably this might allow you do have transparent TS if you run it as
root, but I haven't tried that.

We have plans to move to a modern FreeBSD, and at that time I intend to dig
into FreeBSD's Capsicum stuff and see if I can get TS to properly do
transparency on FreeBSD.  But at this time I can't say when this might happen.

		M.

Mime
View raw message