Re: [PATCH 00/11] TProxy for IPv6

[Amos Jeffries <squid3@treenet.co.nz>]

Balazs Scheidler wrote:
> [ Sorry if this reaches you twice, I sent to the wrong address the first time ]
> 
> I've just pushed a set of patches that implement TProxy for IPv6 to
> 
> http://git.balabit.hu/bazsi/tproxy-2.6.git
> 
> The patches are also posted in reply to this mail.
> 
> Although some work is still needed, basic testing shows that it works all
> right.  
> 
> The accompanying iptables patches are available at
> 
> http://git.balabit.hu/bazsi/iptables-tproxy.git
> 
> There are some things left to do:
> 
>   * the recognition of related ICMPv6 packets missing (from xt_socket.c)
> 
>   * I should probably split xt_TPROXY/xt_socket to IPv4 and IPv6 modules, as
>     right now those depend on both stacks at the same time.
> 
> I'm on a holiday right now, thus I might not respond to comments in a timely
> manner, however I'm interested in any comments/feedback nevertheless.
> 
> Harry, I didn't remember that you actually wanted to work on TProxy for
> IPv6, I just vaguely remembered that there was someone asking for IPv6
> support, thus I implemented this without being in the know.  If you started
> hacking, I hope that we didn't completely duplicate effort.  I'd appreciate
> help in the missing bits and/or testing whichever fits you best.
> 
> Also, I have written a Python test script to test TProxy functionality
> automatically both for IPv4 and IPv6, I can post that as well if anyone is
> interested.

I'm interested :)

Now that you have done this I'm going to have to find a robust userland 
run-time test to see if the underlying TPROXY is v4-only or v6-enabled. 
If anyone has suggestions they would be welcome.

Thank you very much by the way.


Amos Jeffries
Squid Proxy Project