From owner-freebsd-current  Mon Apr 22 23:51:34 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id XAA08730
          for current-outgoing; Mon, 22 Apr 1996 23:51:34 -0700 (PDT)
Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id XAA08725
          for <current@FreeBSD.org>; Mon, 22 Apr 1996 23:51:31 -0700 (PDT)
Received: from localhost.shockwave.com (localhost.shockwave.com [127.0.0.1]) by precipice.shockwave.com (8.7.5/8.7.3) with SMTP id XAA12653; Mon, 22 Apr 1996 23:49:24 -0700 (PDT)
Message-Id: <199604230649.XAA12653@precipice.shockwave.com>
To: Terry Lambert <terry@lambert.org>
cc: msmith@atrad.adelaide.edu.au (Michael Smith), current@FreeBSD.org
Subject: Re: socks support native in freebsd? 
In-reply-to: Your message of "Mon, 22 Apr 1996 23:33:29 PDT."
             <199604230633.XAA18930@phaeton.artisoft.com> 
Date: Mon, 22 Apr 1996 23:49:23 -0700
From: Paul Traina <pst@shockwave.com>
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk


  From: Terry Lambert <terry@lambert.org>
  Subject: Re: socks support native in freebsd?
  
  By IP tunneling the default route to the socksd that then forwards
  it to the forwarding host using a static route to the real interface.
  
  Local routes can also go to the local linterface statically, by net.
  
  Socks *functionality* is the ability to forward packets by proxy
  through a connection to a proxy agent on the firewall.
  
  This has the benefit of *not* implementing the "functionality"
  of "recompile all socket using programs".

  > > It is a mistake to  rebuild "telnet, ftp, et al" to achieve
  > > functionality that belongs at the transport layer, not in the
  > > applications.
  > 
  > The functionality is correctly implemented in the _library_ functions
  > that telnet, ftp et. al call.  Incorporating Socks proxy support in the
  > system libraries would instantly Socksify _all_ of the system, including
  > any ports built, as well as Perl and so forth.
  > 
  > Given the popularity of firewalls these days, this would be a Big Plus.
  
  First, he was talking about implementing it on a per application
  basis via the makefile hack that is recommended by the socks
  package.

True.
  
  Second, this is an atypical network configuration, and the average
  user should not have to pay for it in their libc.

Untrue, however that's what libsocks.so is for.

However, the point is moot, since socks5 uses LD_PRELOAD to implement
its magic, socks5 can be made a "real" package because there is no need
to modify our code to link in the proxy fake-out code.

I'm going to back out my changes for socks4, they're irrelevant with socks5.