Date: Mon, 19 Jul 1999 14:35:56 -0700 From: Julian Elischer <julian@whistle.com> To: Milan Kopacka <Milan.Kopacka@st.ms.mff.cuni.cz> Cc: freebsd-net@FreeBSD.ORG, Konference o transparentni proxy <tpc-l@freebsd.cz> Subject: Re: Tcp shadowing for use in HTTP proxy Message-ID: <37939A3C.FF6D5DF@whistle.com> References: <Pine.SGI.4.05.9907192119580.666417-100000@beta.ms.mff.cuni.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Look at the 'fwd' option to the ipfw software. julian Milan Kopacka wrote: > > Hi, > > The goal of alobal project is to design and implement transparent proxy > cache for the HTTP protocol, used on TCP/IP networks for transmitting WWW > pages. One of alobal's important features is full transparency for > communicating partners. Usual transparent cache takes over client's > connections and gets the data for them. However, the server sees as his > communicating partner the cache machine. > > To solve this missing transparency, cache should connect to http server > using client's IP address. However, such address is in use by original > client and we still need to communicate with it. Cache node will need a > "shadow" interface, which is used to make such connections. Shadow > interface accepts packets destined to specified hosts (and redirected to > localhost) and delivers them to localhost. On the other hand, it is not > used by routing to deliver packets originating from localhost. > > Setup and use of shadow interface is automatic - process creating TCP > connection calls bind() to assign local IP address to socket. When such IP > is not present on interfaces, it is added to the shadow interface list. > When connection is terminated, address is removed from list. The list is > for efficiency implemented as hash table with usage counts (we need to > open multiple connections under one client's identity). > > Please take look at http://www.ms.mff.cuni.cz/~mkop5230/tcp-shadow/ > and tell me what you think about it. There are patches against > 3.2-RELEASE. > > Thanks > > Milan Kopacka > > -- > <Milan.Kopacka@st.mff.cuni.cz> > ... a koho system nachyta na procesoru, tomu snizi prioritu. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37939A3C.FF6D5DF>