David Wilson wrote:
> I've desperately been looking for some answers for about 2 years now
> regarding setting up Squid ACL's to match on IP DS/Precedence bit fields so
> that I can apply them to Squid's delay pools.
> Please have a look at my posts below if you have time.
> If you could help in anyway possible I'd really appreciate it.
The problem is maintly that there is no way for applications to get
access to the DS value for TCP traffic.
DS is signalled per packet, TCP is stream oriented, hiding the packet
details from applications.
But theoretically it should be possible to extend the TCP/IP kernel to
keep track of the first or most recent DS value seen on the TCP
connection, and implement a getsockopt() call to get access to this
value.
UDP sockets can make use of the IP_RECVTOS message option to receive the
DS flag on each message. Theoretically this should also be possible to
use on TCP sockets for reading the value.
> Another possibility of course is that if I could get Squid not to reset the
> original DS/precedence bit field I could put a Packeteer between our network
> and our Squid proxy. At the moment Squid resets the original value so it all
> shows up as marked with a 0, "no value" so that doesn't work to well, if
> anyone can think of a patch that well tell Squid to keep the original
> DS/Precedence bit value please let me know.
First Squid need to be able to read the value. Then setting the TOS/DS
field is trivial. The latter is already included in Squid-2.5 as a
matter of fact (see the tcp_outgoing_tos directive)
Regards
Henrik Nordstr�m
Squid Hacler
Received on Thu Nov 22 2001 - 13:03:33 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:26 MST