[spambayes-bugs] [ spambayes-Bugs-970859 ] Transparent proxying support?

SourceForge.net noreply at sourceforge.net
Thu Jun 10 23:26:10 EDT 2004


Bugs item #970859, was opened at 2004-06-11 03:13
Message generated for change (Comment added) made by lyeoh
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=498103&aid=970859&group_id=61702

Category: pop3proxy
Group: Source code - CVS
Status: Open
Resolution: None
>Priority: 3
Submitted By: lyeoh (lyeoh)
Assigned to: Nobody/Anonymous (nobody)
Summary: Transparent proxying support?

Initial Comment:
Hi, how about adding support for transparent proxying?

e.g. perl equiv from a perl pop3proxy I wrote
#$daddr:$dport = where the proxy will actually make 
connections to
#$FORCEDEFSVR is whether to force usage of the 
configured default server
#$USE_SO_ORIGINAL_DST is whether to do Linux-style 
transparent proxying or FreeBSD style
# $SO_ORIGINAL_DST = 80 if linux headers not available
#$client holds the inbound socket object
# $BOUNDPORT and $BOUNDADDRESS = actual addr and 
port proxy is listening on
#should probably do more checks to stop loops
#e.g. enforce bound addr:port != default addr:port

 if ($FORCEDEFSVR) {
                                $daddr=$DEFADDRESS;
                                $dport=$DEFPORT;
                        } else {
                                if ($USE_SO_ORIGINAL_DST) {
                                        my $p= getsockopt 
$client, $SOL_IP, $SO_ORIGINAL_DST;
                                        $daddr=inet_ntoa(substr
($p,4,4));
                                        $dport=unpack('n',substr
($p,2,2));
                                } else {
#FreeBSD style
                                 $daddr=$client->sockhost;
                                 $dport=$client->sockport;
                                }
                                #dolog('DEBUG', "dest: 
$daddr:$dport");
                                if (($dport==$BOUNDPORT) and 
($daddr eq $BOUNDADDRESS)) {
                                # If seem to be connecting to 
self connect to default server instead
                                        $daddr=$DEFADDRESS;
                                        $dport=$DEFPORT;
                                }
                        }

--
I don't know python, but I might see if I can figure out 
spambayes+ python. Feature may be harder to add than 
I think ;).

----------------------------------------------------------------------

>Comment By: lyeoh (lyeoh)
Date: 2004-06-11 03:26

Message:
Logged In: YES 
user_id=1060689

Transparent proxying will require configuration of Linux 
iptables or FreeBSD IPFW to redirect desired TCP connections 
to the proxy. 

The proxy will then figure out the actual intended destination 
addr and port as per the code above, make the connections 
and do stuff - spamfiltering, protocol enforcement.

NOTE: if it is possible to tell spambayes to connect to a 
particular popserver by using the following USER command 
then the need for a transparent proxy may be less, and one 
could also more easily chain proxies.
e.g.
USER user at name:popserver1

If the feature is active that should tell spambayes to connect 
to popserver1 and send
USER user at name

The delimiter ":" should be configurable. Not sure what would 
be best - maybe looking at the wrong RFC.

----------------------------------------------------------------------

Comment By: Tony Meyer (anadelonbrin)
Date: 2004-06-11 03:19

Message:
Logged In: YES 
user_id=552329

My Perl is extremely rusty.  Exactly what do you mean by
transparent proxying?  i.e. what changes do you want from
the current proxying?

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=498103&aid=970859&group_id=61702



More information about the Spambayes-bugs mailing list