1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
# vim:ai ts=8 sw=8
#
# Makefile for tproxy.
#
# Currently supported OPTIONS flags are:
# DEBUG Print debugging info stdout.
# DEBUG_INPUT_REQUESTS Print requests as they are received.
# DEBUG_OUTPUT_REQUESTS Print requests after they have been translated.
# DNS_LOOKUPS Look up the hostnames via DNS to translate the
# HTTP request. Only when no Host: header was
# found.
# USELESS_DNS_LOOKUPS Look up the hostnames only needed for the log
# files. Normally turned off.
# LOG_TO_SYSLOG Log all faults and accesses to syslog(3).
# This can be slow in a busy server.
# LOG_FAULTS_TO_SYSLOG Log only faults to syslog(3).
# LOG_TO_FILE Log all accesses to a dedicated file instead.
# File is opened relative to the / directory.
# LOG_TO_FILE_LINEBUFF Log in line-buffered mode. Disable to speed
# things up. Although log file will lag.
# IPFILTER Enable the BSD IP filter code.
# FreeBSD 3.0, NetBSD 1.3.1 and OpenBSD come
# with this as standard.
# See http://coombs.anu.edu.au/~avalon/
# IPTABLES Enable support for iptables (linux-2.4).
# TCP_WRAPPERS Use hosts.allow (daemon tproxy) to limit access.
# DO_DOUBLE_FORK Do a double fork to prevent zombie processes on
# systems that don't provide a mechanism for
# ignoring the child termination event.
#
# Debugging options. Not normally useful.
#OPTIONS += -DDEBUG
#OPTIONS += -DDEBUG_INPUT_REQUESTS
#OPTIONS += -DDEBUG_OUTPUT_REQUESTS
# Control DNS lookups under various conditions.
OPTIONS += -DDNS_LOOKUPS
#OPTIONS += -DUSELESS_DNS_LOOKUPS
# Error and request logging.
#OPTIONS += -DLOG_TO_SYSLOG
OPTIONS += -DLOG_FAULTS_TO_SYSLOG
OPTIONS += -DLOG_TO_FILE
OPTIONS += -DLOG_TO_FILE_LINEBUFF
# BSD IPFILTER mechanism for fetching intended destination address.
#OPTIONS += -DIPFILTER
# linux-2.4 iptables mechanism for fetching intended destination address.
OPTIONS += -DIPTABLES
# Double fork to make init(8) handle zombie processes. Some Unix variants
# simply don't let you ignore the death of child processes easily.
#OPTIONS += -DDO_DOUBLE_FORK
# Define these to enable tcp_wrappers. You can use the built-in ACLs
# instead though.
OPTIONS += -DTCP_WRAPPERS
LIBS += -lwrap
# You may need one or both of these to get a clean compile.
#OPTIONS += -DHAVE_PATHS_H
#OPTIONS += -DHAVE_GETOPT_H
# You may need to touch PREFIX, CC and CFLAGS.
PREFIX = /usr/local
INSTALL_PROGRAM = install -c -m 755 -o root -g root
INSTALL_SCRIPT = install -c -m 755 -o root -g root
INSTALL_MAN = install -c -m 444 -o bin -g bin
# Some make's don't define this.
RM = rm -f
# Should be OK for GNU gcc.
CC = gcc
CFLAGS = -Wall -e
LDFLAGS = -s
# Debian specific build options
ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
CFLAGS += -O0
else
CFLAGS += -O2
endif
ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
INSTALL_PROGRAM += -s
endif
# For using BIND resolver instead of system resolver.
#LIBS += -lresolv # Really old Linux has this.
#LIBS += -lbind
# For Solaris.
#LIBS += -lsocket -lxnet
#CFLAGS += -DUSE_STRSTR_BUG
# You shouldn't need to touch anything below this.
all: tproxy
tproxy: tproxy.o acl.o
$(CC) $(LDFLAGS) tproxy.o acl.o -o $@ $(LIBS)
tproxy.o: tproxy.c Makefile
$(CC) $(CFLAGS) $(OPTIONS) -c tproxy.c -o $@
acl.o: acl.c Makefile
$(CC) $(CFLAGS) $(OPTIONS) -c acl.c -o $@
clean:
$(RM) tproxy.o acl.o *core *~
clobber dist-clean: clean
$(RM) tproxy
install: tproxy
$(INSTALL_PROGRAM) tproxy $(PREFIX)/sbin
$(INSTALL_SCRIPT) tproxyrun $(PREFIX)/sbin
$(INSTALL_SCRIPT) tproxywatch $(PREFIX)/sbin
$(INSTALL_MAN) tproxy.8 $(PREFIX)/share/man/man8
|
