[zorp] Zorp and Traffic Control
Peter HOLTZL
zorp@lists.balabit.hu
Tue, 1 Apr 2003 09:34:14 +0200
On 2003 Apr 01, Robert Penz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Monday 31 March 2003 20:46, Illes Marton wrote:
> > You need to use ForgeClientSourceNAT as SNAT, or if you use
> > TransparentRouter you can set the forge_addr attribute to TRUE.
> >
> > Both end up, that when Zorp connects to the server it uses the client
> > original IP address as the source address of the connection.
> that sounds cool, can you describe a little bit more how and where I tell zorp
> to use the client ip.
It is quite easy. When you define the Service eg. HTTP use this:
Service("HTTP", HttpProxy, snat=ForgeClientSourceNAT()) # Both 1.4 and 2.0
or
Service("HTTP", HttpProxy, router=TransparentRouter(forge_addr=TRUE)) # 2.0 only
and the Listerer, which starts this service looks like this:
Listener(SockAddrInet("10.20.30.40", 50080), "HTTP")
Péter HÖLTZL
BalaBit IT Kft | Tel: +36 1 371-0540 | GnuPG Fingerprint:
holtzl.peter@balabit.hu | Mobil: +36 20 366-9667 | DB30 5E5B 8777 C06F 5A1F
http://www.balabit.hu/ | Fax: +36 1 208-0875 | 4586 CEAF 9678 4A89 CFD6