Date: Tue, 23 Apr 1996 16:26:58 +0930 (CST) From: Michael Smith <msmith@atrad.adelaide.edu.au> To: terry@lambert.org (Terry Lambert) Cc: msmith@atrad.adelaide.edu.au, terry@lambert.org, pst@shockwave.com, current@FreeBSD.org Subject: Re: socks support native in freebsd? Message-ID: <199604230656.QAA09490@genesis.atrad.adelaide.edu.au> In-Reply-To: <199604230633.XAA18930@phaeton.artisoft.com> from "Terry Lambert" at Apr 22, 96 11:33:29 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert stands accused of saying: > > > > This is total crap. How can you possibly implement what Socks does > > using a "tunnel"? Socks provides a standards-friendly means of > > hiding unroutable hosts behind a routed firewall. It provides > > healthy amounts of logging, and good configuration flexibility. > > By IP tunneling the default route to the socksd that then forwards > it to the forwarding host using a static route to the real interface. How is this different from the already-deemed-evil Linux "IP Masquerading"? The 'tunnel' approach either requires a socks-like protocol, which requires application (or library) support, or it rewrites packet headers. > Local routes can also go to the local linterface statically, by net. Heh. That's the linterface that uses static to collect dropped routes? 8) > > Given the popularity of firewalls these days, this would be a Big Plus. > > First, he was talking about implementing it on a per application > basis via the makefile hack that is recommended by the socks > package. Actually, Paul was talking about 'whatever is state-of-the-art'. Witness the upcoming back-outs of the initial socks-4 stuff, and the implementation of the (optional) socks-5 shared-library features. > Second, this is an atypical network configuration, and the average > user should not have to pay for it in their libc. *snort*. There are a million warts that the 'average user' pays for already in their libc. I would suggest that any overhead that Socks-awareness would impose on the (small) number of relevant system calls would be noise against interrupt latency on the average network interface. > > ...except that Netscape (at the least) already supports Socks, and in fact > > goes so far as to support making TCP DNS queries so that a UDP proxy isn't > > required. > > Fine. Pick a binary program other than Netscape which does not support > socks. Hmm. Microsoft Explorer, perhaps. > Terry Lambert -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199604230656.QAA09490>