#include <Intercept.h>
Public Member Functions | |
Intercept () | |
~Intercept () | |
bool | LookupNat (const Comm::Connection &) |
perform NAT lookups for the local address of the given connection More... | |
bool | ProbeForTproxy (Address &test) |
int | TransparentActive () |
void | StartTransparency () |
void | StopTransparency (const char *str) |
int | InterceptActive () |
void | StartInterception () |
Private Member Functions | |
bool | NetfilterInterception (const Comm::ConnectionPointer &newConn) |
bool | IpfwInterception (const Comm::ConnectionPointer &newConn) |
bool | IpfInterception (const Comm::ConnectionPointer &newConn) |
bool | PfInterception (const Comm::ConnectionPointer &newConn) |
Private Attributes | |
int | transparentActive_ |
int | interceptActive_ |
Detailed Description
Definition at line 29 of file Intercept.h.
Constructor & Destructor Documentation
◆ Intercept()
|
inline |
Definition at line 32 of file Intercept.h.
◆ ~Intercept()
|
inline |
Definition at line 33 of file Intercept.h.
Member Function Documentation
◆ InterceptActive()
|
inline |
- Return values
-
0 IP Interception is disabled. 1 IP Interception is enabled and active.
Definition at line 74 of file Intercept.h.
References interceptActive_.
◆ IpfInterception()
|
private |
perform Lookups on IPF interception.
- Parameters
-
newConn Details known, to be updated where relevant.
- Returns
- Whether successfully located the new address.
Definition at line 197 of file Intercept.cc.
References DBG_CRITICAL, debugs, Ip::Address::getInAddr(), Ip::Address::isIPv6(), Comm::Connection::local, and Comm::Connection::remote.
◆ IpfwInterception()
|
private |
perform Lookups on IPFW interception.
- Parameters
-
newConn Details known, to be updated where relevant.
- Returns
- Whether successfully located the new address.
Definition at line 181 of file Intercept.cc.
References debugs.
◆ LookupNat()
bool Ip::Intercept::LookupNat | ( | const Comm::Connection & | aConn | ) |
Definition at line 382 of file Intercept.cc.
References assert, debugs, Comm::Connection::local, and Comm::Connection::remote.
◆ NetfilterInterception()
|
private |
perform Lookups on Netfilter interception targets (REDIRECT, DNAT).
- Parameters
-
newConn Details known, to be updated where relevant.
- Returns
- Whether successfully located the new address.
- Try NAT lookup for REDIRECT or DNAT targets.
Definition at line 123 of file Intercept.cc.
References DBG_IMPORTANT, debugs, Comm::Connection::fd, Ip::Address::getSockAddr(), IP6T_SO_ORIGINAL_DST, Ip::Address::isIPv6(), Comm::Connection::local, and xstrerr().
◆ PfInterception()
|
private |
perform Lookups on PF interception target (REDIRECT).
- Parameters
-
newConn Details known, to be updated where relevant.
- Returns
- Whether successfully located the new address.
Definition at line 310 of file Intercept.cc.
References DBG_IMPORTANT, debugs, Ip::Address::getInAddr(), Ip::Address::isIPv6(), Comm::Connection::local, Ip::Address::port(), Comm::Connection::remote, and xstrerr().
◆ ProbeForTproxy()
bool Ip::Intercept::ProbeForTproxy | ( | Ip::Address & | test | ) |
Test system networking calls for TPROXY support. Detects IPv6 and IPv4 level of support matches the address being listened on and if the compiled v2/v4 is usable as far down as a bind()ing.
- Parameters
-
test Address set on the squid.conf *_port being checked.
- Return values
-
true TPROXY is available. false TPROXY is not available.
Definition at line 393 of file Intercept.cc.
References DBG_CRITICAL, debugs, enter_suid(), Ip::Address::isIPv4(), Ip::Address::isIPv6(), leave_suid(), Ip::Address::port(), and Ip::Address::setIPv4().
◆ StartInterception()
void Ip::Intercept::StartInterception | ( | ) |
- Turn on IP-Interception-Proxy activities. This function should be called during parsing of the squid.conf When any option requiring interception / NAT handling is encountered.
Definition at line 167 of file Intercept.cc.
References Here.
◆ StartTransparency()
void Ip::Intercept::StartTransparency | ( | ) |
- Turn on fully Transparent-Proxy activities. This function should be called during parsing of the squid.conf When any option requiring full-transparency is encountered.
Definition at line 152 of file Intercept.cc.
References Here.
◆ StopTransparency()
void Ip::Intercept::StopTransparency | ( | const char * | str | ) |
- Turn off fully Transparent-Proxy activities on all new connections. Existing transactions and connections are unaffected and will run to their natural completion.
- Parameters
-
str Reason for stopping. Will be logged to cache.log
Definition at line 114 of file Intercept.cc.
References DBG_IMPORTANT, debugs, and transparentActive_.
◆ TransparentActive()
|
inline |
- Return values
-
0 Full transparency is disabled. 1 Full transparency is enabled and active.
Definition at line 53 of file Intercept.h.
References transparentActive_.
Member Data Documentation
◆ interceptActive_
|
private |
Definition at line 118 of file Intercept.h.
Referenced by InterceptActive().
◆ transparentActive_
|
private |
Definition at line 117 of file Intercept.h.
Referenced by StopTransparency(), and TransparentActive().
The documentation for this class was generated from the following files:
- src/ip/Intercept.h
- src/ip/Intercept.cc