Pranav Desai wrote:
I am trying to add tproxy4 (http://www.balabit.com/support/community/products/tproxy/) support to the mod_proxy to achieve transparency. It basically involves a kernel patch which allows binding of a socket to foreign address among other things. At the app layer we only need to set the setsockopt()Here is what I am thinking of doing and I would like your input as to whether this is the right approach. * Modify ap_proxy_connect_backend() to just create the connection. Basically, remove the apr_socket_connect() part. * Add a new proxy_run_pre_connection hook. * Add the tproxy specific code in a module hooked in the above hook. Just needs a setsockopt() and the client IP to bind the socket to. * And then do the connect. Is this is an overkill? Should this be done simply by modifying the ap_proxy_connect_backend() ?
In theory, if it does boil down to just a single additional setsockopt(), then adding a directive to mod_proxy_connect should do the trick.
It does sound like overkill to effectively come up with a whole new module. Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
