[jira] Commented: (TS-291) Enable transparent forward proxying

[Alan M. Carroll (JIRA)]

    [ 
https://issues.apache.org/jira/browse/TS-291?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12854733#action_12854733
 ] 

Alan M. Carroll commented on TS-291:
------------------------------------

Issue 1

HttpTransact::check_request_validity only checks the request URL for the host 
and does not check the HOST field. This works for explicit proxy requests but 
most current web tools use the HOST field so without client configuration, ATS 
rejects the request with "400: Host Required In Request". I think this should 
be modified to do the check only in the transparent case as the explicit case 
should require the host in the URL.

Issue 2

It was mentioned to me that ATS had transparent forward proxy code at one point 
but it was (mostly) removed. In some cases there seems to be a remnant in the 
use of
    State::http_config_param::transparency_enabled
which I presume is a flag used to enable transparent operation, although 
perhaps it is used for reverse proxying and therefore it is unclear whether it 
should be used for forward proxying.
(see HttpTransact::initialize_state_variables_from_request for an example)


> Enable transparent forward proxying
> -----------------------------------
>
>                 Key: TS-291
>                 URL: https://issues.apache.org/jira/browse/TS-291
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Network
>         Environment: Linux
>            Reporter: Alan M. Carroll
>            Priority: Minor
>
> Currently ATS provides only explicit forward proxying. It should support this 
> transparently as well.
> Transparent means
> * No configuration on clients.
> * Origin server sees the client IP address as the source address of the cache 
> fill request.
> This should be an option set via configuration variables because transparent 
> proxying is not always the correct mode of operation. In addition, it 
> requires a Linux kernel with TPROXY support and so will not run in all 
> environments.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.