[zorp] Stacking programs doesn’t work and how to modify POST parameters?

[thomas.wenz at gmx-topmail.de]

Hi,

Perhaps it was just too late for me ;) The python-kzorp package was there but
I didn't notice it and dpkg didn't complain about it (it's not a dependancy of zorp).
Sorry!

As you predicted I get some startup errors complaining that it can't flush KZorp 
config. If I understand correct, KZorp is a faster solution and allows including 
iptables/NAT rules into Zorp. Are there any other advantages I missed?

However, It's not yet working because it somehow gets wrong IPs with my 
unchanged config form the old Zorp(dest is wrong, remote and local are correct):
core.debug(6): (dsp/dispatch:0): Incoming connection; protocol='1', remote='AF_INET(10.1.1.1:1704)', local='AF_INET(10.1.1.251:50080)', dest='AF_INET(10.1.1.251:50080)' 
It then fetches the GET request and tries to connect to itself (which fails). However, 
I did not notice the self.request_stack["GET"] entry being performed. Is this done 
after the connection has been established? If so, I think this would be a little bit 
late...in my opinion it should be before header filtering or earlier in order to be 
able to adjust the content length header (can't be adjusted through the stacked 
program as far as I read), log the umodified request and to prevent connecting 
in case there's something evil in the data part.

Do I perhaps need a new kernel with the new TProxy 4.0 as there's a line
core.debug(6): (nosession): System dependant init; sysdep_tproxy='tproxy40' 
If so, should a leave KZorp out of the kernel because if I compile it in, I need to 
configure it, correct?

Thomas Wenz



-- 
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/wasistshortview.php?mc=sv_ext_mf@gmx