Date: Sat, 3 Nov 2007 22:59:14 +0300 (MSK) From: .@babolo.ru To: Brooks Davis <brooks@freebsd.org> Cc: Max Laier <max@love2party.net>, freebsd-net@freebsd.org, "Bruce M. Simpson" <bms@freebsd.org>, Julian Elischer <julian@elischer.org>, Matus Harvan <mharvan@inf.ethz.ch> Subject: Re: UDP catchall Message-ID: <1194119954.596539.98455.nullmailer@cicuta.babolo.ru> In-Reply-To: <20071101150613.GA24803@lor.one-eyed-alien.net>
index | next in thread | previous in thread | raw e-mail
> On Wed, Oct 31, 2007 at 09:53:56AM -0700, Julian Elischer wrote: > > It's possible using ipfw to mostly implement this, and with an upcoming > > change, possible to completely implement this. > > > > the "uid" function of ipfw can act as a "does there exist a socket to which > > this packet would go?" test. > > and a variant of it called "for_me" that I am adding (we use it at work) > > does this even better. > > > > so, basically, > > > > yyy: skipto xxx ip from any to-me > > yyy+1: fwd 127.0.0.1,1234 > > xxx: > > One problem with this kind of implementation is that it's impossible to > make it plug and play. Just equip mtund with script that configure virgin OS in proper way and restrict to do that when there is some non-minimal configuration, for example ipfw is not empty. Your plug and play goal as written contradicts BSD spirits IMHO. Sorry for bad English.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1194119954.596539.98455.nullmailer>