[tproxy] new tproxy development version: 1.9.1

KOVACS Krisztian hidden@balabit.hu
Thu, 29 Jan 2004 17:03:04 +0100


  After almost two months work, a new development version of TProxy has
been released: 1.9.1. The 1.9 branch, when declared stable, will become
TProxy version 2.0 -- the change in the major version number reflects
complete API change, and some semantic changes. The iptables (userspace)
patch is still the same, so this version is compatible with iptables
compiled for the stable branch of TProxy, however, the sockopt interface
has gone through a complete rewrite.

  New features are:

  * New API, see the updated examples in the tests directory. This
    makes TProxy version and compatibility checks possible, and
    provides easy extensibility.
  * TPROXY_ALLOC operation: makes it possible to allocate a unique
    foreign port automatically before the first packet is leaving.
  * TPROXY_CONNECT operation: informs TProxy about the peer. It helps
    a lot with NAT reservations, and is _needed_ before setting the
    ESTABLISHED flag on a sockref. (Instead of the dirty hack of
    requiring connect()-ing before setting the flag.)

  This release has a bit more patches inside than the usual:

  * 01-nat_reservations.diff: NAT reservations patch for the 
    Netfilter NAT core, this is needed for TProxy to avoid a
    lot of NAT failures
  * 02-nat_reservations_tproxy_exports.diff: two extra exported
    functions from the NAT reservations support code
  * 03-tproxy.diff: transparent proxying support code
  * 04-nat_delete.diff: extended version of the older nat_delete
    patch, it is able to delete conntrack entries when a clashing
    NAT mapping is to be applied

  This release is available, as always, from:


  MD5: cttproxy-2.4.23-1.9.1.tar.gz 512fb80b37f8a9f260d3a90084f426ee

  Since this is the first development release of this completely new
branch, its main purpose is to demonstrate the new API and feature set.
It is certainly buggy, so handle with care :)

  Of course, any feedback (test results, problems, bugs, etc.) is

   Krisztian KOVACS