From mboxrd@z Thu Jan 1 00:00:00 1970 From: Felipe W Damasio Subject: Re: ebtables extension 'http' Date: Mon, 25 Jan 2010 15:45:50 -0200 Message-ID: <8a87046f1001250945p2e666b32m7c2051e00454f8e4@mail.gmail.com> References: <8a87046f1001250546w1dec4136nc509510e8ac15eb8@mail.gmail.com> <8a87046f1001250632hd4220d1s9f44cad2c3b268a8@mail.gmail.com> <4B5DCBEA.5000501@trash.net> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: Patrick McHardy , netfilter-devel@vger.kernel.org To: Jan Engelhardt Return-path: Received: from mail-gx0-f217.google.com ([209.85.217.217]:41955 "EHLO mail-gx0-f217.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753679Ab0AYRpx convert rfc822-to-8bit (ORCPT ); Mon, 25 Jan 2010 12:45:53 -0500 Received: by gxk9 with SMTP id 9so5622217gxk.8 for ; Mon, 25 Jan 2010 09:45:52 -0800 (PST) In-Reply-To: Sender: netfilter-devel-owner@vger.kernel.org List-ID: Hi Mr. Jan 2010/1/25 Jan Engelhardt : > The issue is that you would need to replay the tcp handshake. > > Case 1: > - do TCP handshake > - read out Host: header > - if proxied > =A0- good > - if not, > =A0- have to replay TCP handshake to next host (eww :-) Would this be so bad? :-) I mean, if I could do this, I could reduce the HTTP traffic from around 400Mbps to around 100Mbps of domains that the proxy actually do cares. And the rest would be forwarded down the bridge. Could I do this with repeating the TCP handshake with the next host? How could I do this? Thanks, =46elipe Damasio -- To unsubscribe from this list: send the line "unsubscribe netfilter-dev= el" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html