doc/admin-guide/configuration/transparent-proxy/build.en.rst - trafficserver - Git at Google

 .. _building-ats-for-transparency:

 Building ATS for transparency
 *****************************

 .. Licensed to the Apache Software Foundation (ASF) under one
    or more contributor license agreements.  See the NOTICE file
   distributed with this work for additional information
   regarding copyright ownership.  The ASF licenses this file
   to you under the Apache License, Version 2.0 (the
   "License"); you may not use this file except in compliance
   with the License.  You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing,
   software distributed under the License is distributed on an
   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
   KIND, either express or implied.  See the License for the
   specific language governing permissions and limitations
   under the License.


 In most cases, if your environment supports transparency then
 ``configure`` will automatically enable it. For other environments you
 may need to twiddle the ``configure`` options.

 ``--enable-posix-cap``
     This enables POSIX capabilities, which are required for
     transparency. These are compiled in by default. To check your
     system, look for the header file ``sys/capability.h`` and the system
     library ``libcap``. These are in the packages ``libcap`` and
     ``libcap-devel`` or ``libcap-dev`` (depending on the Distribution)
     contra-respectively.

 ``--enable-tproxy[=value]``
     Enable TPROXY support, which is the Linux kernel feature used for
     transparency. This should be present in the base installation, there
     is no package associated with it. \* ``auto`` Do automatic checks
     for the the TPROXY header file (``linux/in.h``) and enable TPROXY
     support if the ``IP_TRANSPARENT`` definition is present. This is the
     default if this option is not specified or ``value`` is omitted. \*
     ``no`` Do not check for TPROXY support, disable support for it. \*
     ``force`` Do not check for TPROXY support, enable it using the $ats@
     built in value for ``IP_TRANSPARENT``. This is useful for systems
     that have it in the kernel for but some reason do not have the
     appropriate system header file. \* *number* Do not check for TPROXY
     support, use *number* as the ``IP_TRANSPARENT`` value. There are, at
     present, no known standard distributions of Linux that support
     TPROXY but use a value different from the built in ATS default.
     However, a custom built kernel may do so and in that case the
     specific value can be specified.

 In the default case, ATS configuration will automatically check for
 TPROXY support via the presence of the ``linux/in.h`` header file and
 compile in TPROXY support if it is available. If that fails, you may be
 able to recover by using one of the options above. Note that
 transparency may be built in by default but it is not active unless
 explicitly enabled in the ATS configuration files.
	.. _building-ats-for-transparency:

	Building ATS for transparency
	*****************************

	.. Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.


	In most cases, if your environment supports transparency then
	``configure`` will automatically enable it. For other environments you
	may need to twiddle the ``configure`` options.

	``--enable-posix-cap``
	This enables POSIX capabilities, which are required for
	transparency. These are compiled in by default. To check your
	system, look for the header file ``sys/capability.h`` and the system
	library ``libcap``. These are in the packages ``libcap`` and
	``libcap-devel`` or ``libcap-dev`` (depending on the Distribution)
	contra-respectively.

	``--enable-tproxy[=value]``
	Enable TPROXY support, which is the Linux kernel feature used for
	transparency. This should be present in the base installation, there
	is no package associated with it. \* ``auto`` Do automatic checks
	for the the TPROXY header file (``linux/in.h``) and enable TPROXY
	support if the ``IP_TRANSPARENT`` definition is present. This is the
	default if this option is not specified or ``value`` is omitted. \*
	``no`` Do not check for TPROXY support, disable support for it. \*
	``force`` Do not check for TPROXY support, enable it using the $ats@
	built in value for ``IP_TRANSPARENT``. This is useful for systems
	that have it in the kernel for but some reason do not have the
	appropriate system header file. \* number Do not check for TPROXY
	support, use number as the ``IP_TRANSPARENT`` value. There are, at
	present, no known standard distributions of Linux that support
	TPROXY but use a value different from the built in ATS default.
	However, a custom built kernel may do so and in that case the
	specific value can be specified.

	In the default case, ATS configuration will automatically check for
	TPROXY support via the presence of the ``linux/in.h`` header file and
	compile in TPROXY support if it is available. If that fails, you may be
	able to recover by using one of the options above. Note that
	transparency may be built in by default but it is not active unless
	explicitly enabled in the ATS configuration files.