1.2.2. Procedure – Handling application-level services

1. For incoming connection requests that are processed on the application level, the main Zorp thread establishes the connection with the client. The connection is further processed in a separate thread; the main thread is listening for new connections.

2. The Dispatcher creates the MasterSession object of the connection and generates the base session ID. This object stores all relevant information of the connection, including the protocol (TCP/UDP) and the client's address.

   The session ID uniquely identifies the connection and is included in every log message related to this particular connection. Other components of Zorp add further digits to the session ID.

3. For TCP-based connections, Zorp copies the Type of Service (ToS) value of the client-Zorp connection in the Zorp-client connection.

4. The Rule selects the service that will inspect the connection.

5. The Router defined in the service determines the destination address of the server. The result is stored in the Session object, where the Chainer can access it later.

   The Router performs the following actions:

   • Determines the destination address of the server.

   • Sets the source address of the server-side connection (according to the forge_port, forge_address settings of the router).

   • Sets the ToS value of the server-side connection.

6. If the client is permitted to access the selected service, the startInstance() method of the service is started. The startInstance() method performs the following actions:

   • Verifies that the new instance does not exceed the number of instances permitted for the service (max_instances parameter).

   • Creates the final session ID.

   • Creates an instance of the proxy class associated with the service. This proxy instance is associated with a StackedSession object. The startup of the proxy is detailed in Procedure 1.3, Proxy startup and the server-side connection.