From owner-freebsd-current Mon Apr 22 21:11:30 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3)
    id VAA00846 for current-outgoing; Mon, 22 Apr 1996 21:11:30 -0700 (PDT)
Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33])
    by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id VAA00840
    for ; Mon, 22 Apr 1996 21:11:26 -0700 (PDT)
Received: from localhost.shockwave.com (localhost.shockwave.com [127.0.0.1])
    by precipice.shockwave.com (8.7.5/8.7.3) with SMTP id VAA06842;
    Mon, 22 Apr 1996 21:10:03 -0700 (PDT)
Message-Id: <199604230410.VAA06842@precipice.shockwave.com>
To: Terry Lambert
cc: current@FreeBSD.org
Subject: Re: socks support native in freebsd?
In-reply-to: Your message of "Mon, 22 Apr 1996 16:44:00 PDT." <199604222344.QAA18180@phaeton.artisoft.com>
Date: Mon, 22 Apr 1996 21:10:03 -0700
From: Paul Traina
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

  From: Terry Lambert
  Subject: Re: socks support native in freebsd?

  > I know I'm the "let's not bloat things out" guy, but I want to get some
  > feedback on this idea. It seems like a big gain.
  >
  > I'd like to bring socks4 (and later socks5) into the FreeBSD source tree
  > directly. The reason for doing so is that minor modifications to our
  > utilities, such as telnet, ftp, et al need to be performed. I figure it
  > would be more useful to the user community if we just make these changes
  > /and/ ship our default binaries with socks support included.
  >
  > Everything will behave as normal, unless the user creates /etc/socks.conf
  > which will then enable socks functionality.
  >
  > Comments?

  Socks functionality should be implemented via an IP tunnel; preferably
  in a user space "socksd" process.

In theory, I agree with you 100%. I believe that individualized NAT technology is a wonderfully ugly and evil kludge that is going to stay.
However, the proponents of application layer gateways like SOCKS want SOCKS functionality precisely because it happens at the application layer.

My desire is to solve a problem. I'm not motivated by one technology or the other, as I've written both NAT code and application layer gateway code before.

The problem I'm trying to solve is making FTP work in firewall environments; everything else is just a nice bonus. I've already produced two solutions for FreeBSD (passive mode and quarantine mode) and am just adding a useful third for folks who dislike either.