Package: apt-cacher
Version: 1.5
I've never really used apt-cacher since I don't want to have to edit my
sources.list depending on whether I'm at home or not.
Well I got bored last night and thought I'd have a go at adding
transparent proxy support. I've only tested it under apache2 (not
running as a daemon), but since it doesn't get the Host: header under
apache2 I think that should be covered by this patch too (but is not
tested).
Caveat empor, but it works for me (tm).
diffs (and new file) attached.
Cheers,
Adrian Bridgett
--- apt-cacher.orig 2006-02-08 22:17:10.000000000 +0000
+++ apt-cacher 2006-02-09 23:44:28.000000000 +0000
@@ -528,6 +528,7 @@
my $send_head_only=0; # to be undef by new GET lines
my $tolerated_empty_lines=20;
my $rangereq;
+ my $hostheader=$ENV{SERVER_NAME}; # Host: request
# reading input line by line, trough the secure input method
CLIENTLINE: while(1) {
@@ -542,6 +543,11 @@
if(/^$/) {
if(defined($testpath)) {
# done reading request
+ if ($$cfg{transparent_proxy} eq 1)
+ {
+ $testpath = "$hostheader/$testpath";
+ writeerrorlog("APB: $testpath");
+ }
$path=$testpath;
last CLIENTLINE;
}
@@ -577,6 +583,9 @@
elsif(/^If-Modified-Since:\s+(.*)/i) {
$ifmosince=$1;
}
+ elsif(/^Host:\s+(.*)/) {
+ $hostheader=$1;
+ }
elsif(/^\S+: [^:]*/) {
# whatever, but valid
}
--- apt-cacher-lib.pl.orig 2006-02-08 22:19:44.000000000 +0000
+++ apt-cacher-lib.pl 2006-02-09 23:12:39.000000000 +0000
@@ -26,7 +26,8 @@
allowed_hosts_6 => '*',
allowed_hosts => '*',
limit => 0,
- daemon_port => 3142
+ daemon_port => 3142,
+ transparent_proxy => 0,
);
($config_file) = @_;
--- apt-cacher.conf.orig 2006-02-09 23:12:14.000000000 +0000
+++ apt-cacher.conf.new 2006-02-09 23:09:28.000000000 +0000
@@ -17,6 +17,10 @@
# daemon as root to use privileged ports (<1024).
daemon_port=3142
+# Transparent proxy support - for use when redirecting using NAT rules
+# see apt-cacher-generate-nat utility
+transparent_proxy=1
+
# optional settings, user and group to run the daemon as. Make sure they have
# sufficient permissions on the cache and log directories. Comment the settings
# to run apt-cacher as the native user.
How to setup transparent proxying for apt-cacher
------------------------------------------------
This setup will allow you to use apt-cacher without altering
your existing clients in any way. Very helpful for LUG meets
or to just remove any barrier to using apt-cacher.
Firstly you need to setup your webserver with a port based virtual
host which will be dedicated to apt-cacher. For example I use this
setup for Apache:
Listen 81
<VirtualHost *:81>
# trailing slash is _required_ (otherwise we have apt-cacher.pldebian)
Alias / /usr/share/apt-cacher/apt-cacher.pl/
<DirectoryMatch /usr/share/apt-cacher/>
Options ExecCGI
AddHandler cgi-script .pl
AllowOverride None
order allow,deny
allow from all
</DirectoryMatch>
</VirtualHost>
Ensure "transparent_proxy" is set to 1 in /etc/apt-cacher/apt-cacher.conf
Finally you need to alter your firewall to redirect to this webserver for
every server you wish to transparently proxy:
for host in ftp.de.debian.org security.debian.org; do
iptables -t nat -A PREROUTING -i wlan0 -p tcp -d $host \
-j REDIRECT --to-ports 81
done
The following snippet of code will print the hosts currently used in
/etc/apt/sources.list:
sed -n 's/^deb http:\/\/\([^/]*\).*/\1/ p' /etc/apt/sources.list
