You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@trafficserver.apache.org by "Alan M. Carroll (JIRA)" <ji...@apache.org> on 2010/04/08 01:45:36 UTC

[jira] Commented: (TS-291) Enable transparent forward proxying

    [ https://issues.apache.org/jira/browse/TS-291?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12854733#action_12854733 ] 

Alan M. Carroll commented on TS-291:
------------------------------------

Issue 1

HttpTransact::check_request_validity only checks the request URL for the host and does not check the HOST field. This works for explicit proxy requests but most current web tools use the HOST field so without client configuration, ATS rejects the request with "400: Host Required In Request". I think this should be modified to do the check only in the transparent case as the explicit case should require the host in the URL.

Issue 2

It was mentioned to me that ATS had transparent forward proxy code at one point but it was (mostly) removed. In some cases there seems to be a remnant in the use of
    State::http_config_param::transparency_enabled
which I presume is a flag used to enable transparent operation, although perhaps it is used for reverse proxying and therefore it is unclear whether it should be used for forward proxying.
(see HttpTransact::initialize_state_variables_from_request for an example)


> Enable transparent forward proxying
> -----------------------------------
>
>                 Key: TS-291
>                 URL: https://issues.apache.org/jira/browse/TS-291
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Network
>         Environment: Linux
>            Reporter: Alan M. Carroll
>            Priority: Minor
>
> Currently ATS provides only explicit forward proxying. It should support this transparently as well.
> Transparent means
> * No configuration on clients.
> * Origin server sees the client IP address as the source address of the cache fill request.
> This should be an option set via configuration variables because transparent proxying is not always the correct mode of operation. In addition, it requires a Linux kernel with TPROXY support and so will not run in all environments.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.