[spambayes-bugs] [ spambayes-Bugs-970859 ] Transparent proxying
support?
SourceForge.net
noreply at sourceforge.net
Thu Jun 10 23:26:10 EDT 2004
Bugs item #970859, was opened at 2004-06-11 03:13
Message generated for change (Comment added) made by lyeoh
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=498103&aid=970859&group_id=61702
Category: pop3proxy
Group: Source code - CVS
Status: Open
Resolution: None
>Priority: 3
Submitted By: lyeoh (lyeoh)
Assigned to: Nobody/Anonymous (nobody)
Summary: Transparent proxying support?
Initial Comment:
Hi, how about adding support for transparent proxying?
e.g. perl equiv from a perl pop3proxy I wrote
#$daddr:$dport = where the proxy will actually make
connections to
#$FORCEDEFSVR is whether to force usage of the
configured default server
#$USE_SO_ORIGINAL_DST is whether to do Linux-style
transparent proxying or FreeBSD style
# $SO_ORIGINAL_DST = 80 if linux headers not available
#$client holds the inbound socket object
# $BOUNDPORT and $BOUNDADDRESS = actual addr and
port proxy is listening on
#should probably do more checks to stop loops
#e.g. enforce bound addr:port != default addr:port
if ($FORCEDEFSVR) {
$daddr=$DEFADDRESS;
$dport=$DEFPORT;
} else {
if ($USE_SO_ORIGINAL_DST) {
my $p= getsockopt
$client, $SOL_IP, $SO_ORIGINAL_DST;
$daddr=inet_ntoa(substr
($p,4,4));
$dport=unpack('n',substr
($p,2,2));
} else {
#FreeBSD style
$daddr=$client->sockhost;
$dport=$client->sockport;
}
#dolog('DEBUG', "dest:
$daddr:$dport");
if (($dport==$BOUNDPORT) and
($daddr eq $BOUNDADDRESS)) {
# If seem to be connecting to
self connect to default server instead
$daddr=$DEFADDRESS;
$dport=$DEFPORT;
}
}
--
I don't know python, but I might see if I can figure out
spambayes+ python. Feature may be harder to add than
I think ;).
----------------------------------------------------------------------
>Comment By: lyeoh (lyeoh)
Date: 2004-06-11 03:26
Message:
Logged In: YES
user_id=1060689
Transparent proxying will require configuration of Linux
iptables or FreeBSD IPFW to redirect desired TCP connections
to the proxy.
The proxy will then figure out the actual intended destination
addr and port as per the code above, make the connections
and do stuff - spamfiltering, protocol enforcement.
NOTE: if it is possible to tell spambayes to connect to a
particular popserver by using the following USER command
then the need for a transparent proxy may be less, and one
could also more easily chain proxies.
e.g.
USER user at name:popserver1
If the feature is active that should tell spambayes to connect
to popserver1 and send
USER user at name
The delimiter ":" should be configurable. Not sure what would
be best - maybe looking at the wrong RFC.
----------------------------------------------------------------------
Comment By: Tony Meyer (anadelonbrin)
Date: 2004-06-11 03:19
Message:
Logged In: YES
user_id=552329
My Perl is extremely rusty. Exactly what do you mean by
transparent proxying? i.e. what changes do you want from
the current proxying?
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=498103&aid=970859&group_id=61702
More information about the Spambayes-bugs
mailing list