[zorp] Zorp and Traffic Control
Balazs Scheidler
zorp@lists.balabit.hu
Tue, 27 May 2003 12:33:38 +0200
On Mon, May 26, 2003 at 05:43:51PM -0400, Philippe Lucas wrote:
> >Hmm. The log snippet above shows that a client was connected from
> >192.168.100.199:2092, with a destination address 192.168.0.251:80 and Zorp
> >wanted to connect to the same server using the local address
> >192.168.0.134:42488. This means that it did not even try to use the forged
> >address...
> >
> >Please try using ForgeClientSourceNAT as SNAT instead of the forge_addr
> >parameter, like:
> >
> >def zorp_http():
> > Service("intra_http", HttpProxy, router=TransparentRouter(),
> > snat=ForgeClientSourceNAT())
> > ....
> >
> >(ForgeClientSourceNAT was the previous way to specify address forging)
> >
> >If this does work, then there's some problem in forge_addr, if it doesn't
> >I'd suspect some problems with the --autobind-ip arguments.
>
>
> It's working!
>
> My instances.conf :
> zorp_http --autobind-ip 192.168.100.135 --verbose=5 --policy
> /etc/zorp/policy.py
>
> My policy.py :
> def zorp_http():
> Service("intra_http",
> IntraHttp,router=TransparentRouter(),snat=ForgeClientSourceNAT())
> Listener(SockAddrInet("192.168.100.135", 50080), "intra_http")
>
>
> I'm very happy, thank you :o)
>
> I'd now like to modify a body data of a http transfert. how can I do that?
you'd need a release from the development version which allows you to stack
proxies within HTTP. This means that another proxy module receives the data
portion of each HTTP request. What do you want to change in the HTTP body?
It is currently not possible with plain 2.0. I'll schedule a release if you
are interested.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1