Allows IP_TRANSPARENT to be set on a redirecting socket
Motivation: IP_TRANSPARENT support is not complete, the option can currently only be set on EpollServerSocket. Setting the option on an EpollSocket is also requires so as to be able to bind a socket to a non-local address as described in ip(7) http://man7.org/linux/man-pages/man7/ip.7.html "TProxy redirection with the iptables TPROXY target also requires that this option be set on the redirected socket." Modifications: Added IP_TRANSPARENT socket option to EpollSocketChannelConfig Result: A redirecting socket can be created with a non-local IP address as required for TPROXY
This commit is contained in:
parent
580ac8cd41
commit
21b7ab1f25
@ -60,7 +60,7 @@ public final class EpollSocketChannelConfig extends EpollChannelConfig implement
|
||||
SO_RCVBUF, SO_SNDBUF, TCP_NODELAY, SO_KEEPALIVE, SO_REUSEADDR, SO_LINGER, IP_TOS,
|
||||
ALLOW_HALF_CLOSURE, EpollChannelOption.TCP_CORK, EpollChannelOption.TCP_NOTSENT_LOWAT,
|
||||
EpollChannelOption.TCP_KEEPCNT, EpollChannelOption.TCP_KEEPIDLE, EpollChannelOption.TCP_KEEPINTVL,
|
||||
EpollChannelOption.TCP_MD5SIG, EpollChannelOption.TCP_QUICKACK);
|
||||
EpollChannelOption.TCP_MD5SIG, EpollChannelOption.TCP_QUICKACK, EpollChannelOption.IP_TRANSPARENT);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
@ -111,6 +111,9 @@ public final class EpollSocketChannelConfig extends EpollChannelConfig implement
|
||||
if (option == EpollChannelOption.TCP_QUICKACK) {
|
||||
return (T) Boolean.valueOf(isTcpQuickAck());
|
||||
}
|
||||
if (option == EpollChannelOption.IP_TRANSPARENT) {
|
||||
return (T) Boolean.valueOf(isIpTransparent());
|
||||
}
|
||||
return super.getOption(option);
|
||||
}
|
||||
|
||||
@ -146,6 +149,8 @@ public final class EpollSocketChannelConfig extends EpollChannelConfig implement
|
||||
setTcpKeepIntvl((Integer) value);
|
||||
} else if (option == EpollChannelOption.TCP_USER_TIMEOUT) {
|
||||
setTcpUserTimeout((Integer) value);
|
||||
} else if (option == EpollChannelOption.IP_TRANSPARENT) {
|
||||
setIpTransparent((Boolean) value);
|
||||
} else if (option == EpollChannelOption.TCP_MD5SIG) {
|
||||
@SuppressWarnings("unchecked")
|
||||
final Map<InetAddress, byte[]> m = (Map<InetAddress, byte[]>) value;
|
||||
@ -446,6 +451,31 @@ public final class EpollSocketChannelConfig extends EpollChannelConfig implement
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns {@code true} if <a href="http://man7.org/linux/man-pages/man7/ip.7.html">IP_TRANSPARENT</a> is enabled,
|
||||
* {@code false} otherwise.
|
||||
*/
|
||||
public boolean isIpTransparent() {
|
||||
try {
|
||||
return channel.socket.isIpTransparent();
|
||||
} catch (IOException e) {
|
||||
throw new ChannelException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* If {@code true} is used <a href="http://man7.org/linux/man-pages/man7/ip.7.html">IP_TRANSPARENT</a> is enabled,
|
||||
* {@code false} for disable it. Default is disabled.
|
||||
*/
|
||||
public EpollSocketChannelConfig setIpTransparent(boolean transparent) {
|
||||
try {
|
||||
channel.socket.setIpTransparent(transparent);
|
||||
return this;
|
||||
} catch (IOException e) {
|
||||
throw new ChannelException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the {@code TCP_MD5SIG} option on the socket. See {@code linux/tcp.h} for more details.
|
||||
* Keys can only be set on, not read to prevent a potential leak, as they are confidential.
|
||||
|
Loading…
Reference in New Issue
Block a user