--------------------- PatchSet 1804 Date: 2001/04/01 11:11:38 Author: rvenning Branch: rvenning_tosaddracl Tag: (none) Log: Made acl_map2_outgoing & acl_map2_tos work together. Made debug message levels more sane. A modicum of testing performed - but only a modicum. Members: src/cf.data.pre:1.24.2.1->1.24.2.2 src/forward.c:1.12.2.1->1.12.2.2 src/structs.h:1.28.2.1->1.28.2.2 Index: squid/src/cf.data.pre =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cf.data.pre,v retrieving revision 1.24.2.1 retrieving revision 1.24.2.2 diff -u -r1.24.2.1 -r1.24.2.2 --- squid/src/cf.data.pre 1 Apr 2001 10:34:09 -0000 1.24.2.1 +++ squid/src/cf.data.pre 1 Apr 2001 11:11:38 -0000 1.24.2.2 @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.24.2.1 2001/04/01 10:34:09 rvenning Exp $ +# $Id: cf.data.pre,v 1.24.2.2 2001/04/01 11:11:38 rvenning Exp $ # # # SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -2075,7 +2075,7 @@ NAME: acl_map2_tos TYPE: acl_access DEFAULT: none -DEFAULT_IF_NONE: deny all 0x00 +DEFAULT_IF_NONE: deny all LOC: Config.accessList.tosacl DOC_START A list of ACL elements followed by a TOS byte that applies if @@ -2094,6 +2094,27 @@ Processing proceeds in the order specifies, and stops at first match. DOC_END +NAME: acl_map2_outgoing +TYPE: acl_access +DEFAULT: none +DEFAULT_IF_NONE: deny all +LOC: Config.accessList.outgoingacl +DOC_START + A list of ACL elements followed by an ip address to use as the + outgoing TCP address for sourcing data for this connection. Much + like acl_map2_tos above, but the data will _always_ come back to + the outgoing address, unlike TOS markings, which may dissappear + on the reverse path. The idea is you have another bandwidth + controlling box to limit bandwidth by IP address within your + network. Note: you're machine must have the addresses you choose + assigned. An example: + + acl normal_service_net src 10.0.0.0/255.255.255.0 + acl good_service_net src 10.0.1.0/255.255.255.0 + acl_map2_outgoing normal_service_net 10.0.0.1 + acl_map2_outgoing good_service_net 10.0.0.2 +DOC_END + COMMENT_START ADMINISTRATIVE PARAMETERS ----------------------------------------------------------------------------- Index: squid/src/forward.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/forward.c,v retrieving revision 1.12.2.1 retrieving revision 1.12.2.2 diff -u -r1.12.2.1 -r1.12.2.2 --- squid/src/forward.c 1 Apr 2001 10:34:10 -0000 1.12.2.1 +++ squid/src/forward.c 1 Apr 2001 11:11:38 -0000 1.12.2.2 @@ -1,6 +1,6 @@ /* - * $Id: forward.c,v 1.12.2.1 2001/04/01 10:34:10 rvenning Exp $ + * $Id: forward.c,v 1.12.2.2 2001/04/01 11:11:38 rvenning Exp $ * * DEBUG: section 17 Request Forwarding * AUTHOR: Duane Wessels @@ -279,6 +279,7 @@ time_t ctimeout; aclCheck_t ch; struct in_addr outgoing; + unsigned short tos; assert(fs); assert(fwdState->server_fd == -1); debug(17, 3) ("fwdConnectStart: %s\n", url); @@ -308,24 +309,26 @@ #if URL_CHECKSUM_DEBUG assert(fwdState->entry->mem_obj->chksum == url_checksum(url)); #endif - /* find the desired tos (for the request that sparked this connection */ + /* find the desired outgoing address */ memset(&ch, '\0', sizeof(aclCheck_t)); ch.src_addr = fwdState->request->client_addr; /* is it right to */ - debug(17,1) ("fwdConnectStart: src addr %s\n", inet_ntoa(ch.src_addr)); ch.my_addr = fwdState->request->my_addr; /* pull out the */ - debug(17,1) ("fwdConnectStart: my addr %s\n", inet_ntoa(ch.my_addr)); ch.my_port = fwdState->request->my_port; /* data like this? */ ch.request = fwdState->request; - outgoing.s_addr = (unsigned short)aclCheckFast(Config.accessList.tosacl, &ch); + outgoing.s_addr = aclCheckFast(Config.accessList.outgoingacl, &ch); if(!outgoing.s_addr) outgoing = Config.Addrs.tcp_outgoing; - debug(17,3) ("fwdConnectStart: got addr %s\n", outgoing); - fd = comm_open(SOCK_STREAM, + /* and the desired tos (for the request that sparked this connection) */ + tos = (unsigned short)aclCheckFast(Config.accessList.tosacl, &ch); + + debug(17,3) ("fwdConnectStart: got addr %s, tos %d\n", outgoing, tos); + fd = comm_openex(SOCK_STREAM, 0, outgoing, 0, COMM_NONBLOCKING, + tos, url); if (fd < 0) { debug(50, 4) ("fwdConnectStart: %s\n", xstrerror()); Index: squid/src/structs.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/structs.h,v retrieving revision 1.28.2.1 retrieving revision 1.28.2.2 diff -u -r1.28.2.1 -r1.28.2.2 --- squid/src/structs.h 1 Apr 2001 10:34:10 -0000 1.28.2.1 +++ squid/src/structs.h 1 Apr 2001 11:11:38 -0000 1.28.2.2 @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.28.2.1 2001/04/01 10:34:10 rvenning Exp $ + * $Id: structs.h,v 1.28.2.2 2001/04/01 11:11:38 rvenning Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -558,6 +558,7 @@ acl_access *redirector; acl_access *reply; acl_access *tosacl; + acl_access *outgoingacl; } accessList; acl_deny_info_list *denyInfoList; struct _authConfig {