From owner-freebsd-current  Mon Apr 22 20:00:20 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id UAA22250
          for current-outgoing; Mon, 22 Apr 1996 20:00:20 -0700 (PDT)
Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id UAA22179
          for <current@FreeBSD.org>; Mon, 22 Apr 1996 20:00:10 -0700 (PDT)
Received: from msmith@localhost by genesis.atrad.adelaide.edu.au (8.6.12/8.6.9) id MAA07445; Tue, 23 Apr 1996 12:23:47 +0930
From: Michael Smith <msmith@atrad.adelaide.edu.au>
Message-Id: <199604230253.MAA07445@genesis.atrad.adelaide.edu.au>
Subject: Re: socks support native in freebsd?
To: terry@lambert.org (Terry Lambert)
Date: Tue, 23 Apr 1996 12:23:47 +0930 (CST)
Cc: pst@shockwave.com, current@FreeBSD.org
In-Reply-To: <199604222344.QAA18180@phaeton.artisoft.com> from "Terry Lambert" at Apr 22, 96 04:44:00 pm
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

Terry Lambert stands accused of saying:
> 
> Socks functionality should be implemented via an IP tunnel;
> preferrably in a user space "socksd" process.

This is total crap.  How can you possibly implement what Socks does
using a "tunnel"?  Socks provides a standards-friendly means of
hiding unroutable hosts behind a routed firewall.  It provides 
healthy amounts of logging, and good configuration flexibility.

> It is a mistake to  rebuild "telnet, ftp, et al" to achieve
> functionality that belongs at the transport layer, not in the
> applications.

The functionality is correctly implemented in the _library_ functions
that telnet, ftp et. al call.  Incorporating Socks proxy support in the
system libraries would instantly Socksify _all_ of the system, including
any ports built, as well as Perl and so forth.

Given the popularity of firewalls these days, this would be a Big Plus.

> This would also fix the OBA (Only Binary Available) problem with
> trying to use Netscape or Nettrek clinets against a socks server.

...except that Netscape (at the least) already supports Socks, and in fact
goes so far as to support making TCP DNS queries so that a UDP proxy isn't
required.

> 					Terry Lambert

-- 
]] Mike Smith, Software Engineer        msmith@atrad.adelaide.edu.au    [[
]] Genesis Software                     genesis@atrad.adelaide.edu.au   [[
]] High-speed data acquisition and      (GSM mobile) 0411-222-496       [[
]] realtime instrument control          (ph/fax)  +61-8-267-3039        [[
]] Collector of old Unix hardware.      "Where are your PEZ?" The Tick  [[