AnyP::TrafficMode Class Reference

#include <TrafficMode.h>

Collaboration diagram for AnyP::TrafficMode:

Public Member Functions

bool isIntercepted ()
 

Public Attributes

bool accelSurrogate = false
 
bool proxySurrogate = false
 
bool natIntercept = false
 
bool tproxyIntercept = false
 
bool tunnelSslBumping = false
 

Detailed Description

Set of 'mode' flags defining types of trafic which can be received.

Use to determine the processing steps which need to be applied to this traffic under any special circumstances which may apply.

Definition at line 21 of file TrafficMode.h.

Member Function Documentation

bool AnyP::TrafficMode::isIntercepted ( )
inline

true if the traffic is in any way intercepted

Definition at line 79 of file TrafficMode.h.

References natIntercept, and tproxyIntercept.

Member Data Documentation

bool AnyP::TrafficMode::accelSurrogate = false

marks HTTP accelerator (reverse/surrogate proxy) traffic

Indicating the following are required:

  • URL translation from relative to absolute form
  • restriction to origin peer relay recommended

Definition at line 30 of file TrafficMode.h.

bool AnyP::TrafficMode::natIntercept = false

marks NAT intercepted traffic

Indicating the following are required:

  • NAT lookups
  • URL translation from relative to absolute form
  • Same-Origin verification is mandatory
  • destination pinning is recommended
  • authentication prohibited

Definition at line 51 of file TrafficMode.h.

Referenced by isIntercepted().

bool AnyP::TrafficMode::proxySurrogate = false

marks ports receiving PROXY protocol traffic

Indicating the following are required:

  • PROXY protocol magic header
  • src/dst IP retrieved from magic PROXY header
  • indirect client IP trust verification is mandatory
  • TLS is not supported

Definition at line 40 of file TrafficMode.h.

bool AnyP::TrafficMode::tproxyIntercept = false

marks TPROXY intercepted traffic

Indicating the following are required:

  • src/dst IP inversion must be performed
  • client IP should be spoofed if possible
  • URL translation from relative to absolute form
  • Same-Origin verification is mandatory
  • destination pinning is recommended
  • authentication prohibited

Definition at line 63 of file TrafficMode.h.

Referenced by isIntercepted().

bool AnyP::TrafficMode::tunnelSslBumping = false

marks intercept and decryption of CONNECT (tunnel) SSL traffic

Indicating the following are required:

  • decryption of CONNECT request
  • URL translation from relative to absolute form
  • authentication prohibited on unwrapped requests (only on the CONNECT tunnel)
  • encrypted outbound server connections
  • peer relay prohibited. TODO: re-encrypt and re-wrap with CONNECT

Definition at line 74 of file TrafficMode.h.


The documentation for this class was generated from the following file:

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors