From owner-freebsd-net  Thu Jun  4 01:28:24 1998
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id BAA26906
          for freebsd-net-outgoing; Thu, 4 Jun 1998 01:28:24 -0700 (PDT)
          (envelope-from owner-freebsd-net@FreeBSD.ORG)
Received: from relay.ucb.crimea.ua (relay.ucb.crimea.ua [194.93.177.113])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA26760;
          Thu, 4 Jun 1998 01:26:24 -0700 (PDT)
          (envelope-from ru@ucb.crimea.ua)
Received: (from ru@localhost)
	by relay.ucb.crimea.ua (8.8.8/8.8.8) id LAA28339;
	Thu, 4 Jun 1998 11:25:31 +0300 (EEST)
	(envelope-from ru)
Message-ID: <19980604112530.B27834@ucb.crimea.ua>
Date: Thu, 4 Jun 1998 11:25:30 +0300
From: Ruslan Ermilov <ru@ucb.crimea.ua>
To: Julian Elischer <julian@whistle.com>, hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject: Re: Transparent packet diversion: Where is it?
Mail-Followup-To: Julian Elischer <julian@whistle.com>, hackers@FreeBSD.ORG,
	net@FreeBSD.ORG
References: <3575DFDB.2781E494@whistle.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.91i
In-Reply-To: <3575DFDB.2781E494@whistle.com>; from Julian Elischer on Wed, Jun 03, 1998 at 04:44:27PM -0700
X-Operating-System: FreeBSD 2.2.6-STABLE i386
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi!

I recently wrote a small program which utilizes one divert socket and
one udp socket to implement IP-over-IP tunneling.

1. It has a bug: the IP checksum only valid for packets without IP options.
   This is due to recalculating checksum using in_cksum_hdr().
2. It lacks crypto-module, I'm planning to implement it soon.
3. You should specify the ``out'' keyword of the ipfw rule if you want your
   packets to be processed by the redirection-host itself (thus, TTL--).

Any feedback will be much appreciated!

You can download it from

		http://www.ucb.crimea.ua/~ru/FreeBSD/iptunnel/

On Wed, Jun 03, 1998 at 04:44:27PM -0700, Julian Elischer wrote:
> A month or so ago, someone announced a package that 
> did redirection of packets to arbitrary places.
> 
> 
> I remember the comment
> "it's wierd seeing all those foreign adresses in the netstat listing".
> 
> kind of like the Linux transproxy code I guess.
> 
> if ANYONE has a pointer to that code I'd apreciate it.
> I've done every search I can think of on the mail archives..
> 
> julian

Regards,
-- 
Ruslan Ermilov          System Administrator
ru@ucb.crimea.ua        United Commercial Bank
+380-652-247647         Simferopol, Crimea
2426679                 ICQ Network, UIN

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message