Date: Thu, 04 Jun 1998 16:56:52 -0700
From: Julian Elischer
Organization: Whistle Communications
To: Guy Helmer
CC: hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject: Re: Transparent packet diversion: Where is it?

YES!!!!

Guy Helmer wrote:
>
> On Thu, 4 Jun 1998, Angelo Nardone wrote:
>
> > Julian Elischer wrote:
> >
> > > A month or so ago, someone announced a package that
> > > did redirection of packets to arbitrary places.
> > >
> > > I remember the comment
> > > "it's weird seeing all those foreign addresses in the netstat listing".
>
> Perhaps this was what you were looking for:
>
> Date: Thu, 30 Apr 1998 21:06:04 +0100
> From: Chrisy Luke
> To: freebsd-hackers@FreeBSD.ORG
> Subject: Beta 3 release of Multipath routing and friends.
>
> ftp://ftp.flirble.org/pub/unix/hacks/FreeBSD/mpath.b3.tgz
>
> README attached.
>
> A few fixes to the Multipath code. The metric stuff and the persistent
> route caching will come in b4.
>
> This code mostly adds support to the ipfw interface and code to support
> two things, which are based on the same thing:
>
> * Directing INCOMING traffic that match rules to a LOCAL TCP port.
>   This is intended for transparent proxying without external calls
>   to an LKM, it also doesn't touch the packet, so getsockname() works
>   so there's also no need for a subsequent IOCTL to work out what the
>   original destination/port was.
>   It's freaky seeing random remote IP's listed as "Local addresses"
>   in netstat! BSD-router-speed transparent diversion... :-)
>
> * Modifying the next-hop address of OUTBOUND traffic that matches the
>   rule. My intention for this is to direct web traffic from a core
>   router to a transparent proxy. David Sharnoff also wanted something
>   similar, and the functionality of this thus extends to doing a route
>   table lookup on the specified next-hop and using the route to it,
>   meaning the next-hop doesn't need to be on a directly reachable
>   interface. Remember though, this code only forwards to a directly
>   reachable machine! It doesn't deliver it to the specified next-hop!
>   TCP port numbers are ignored if this rule comes into effect.
>
> The rule-based forwarding mechanism is independent of the Multipath
> stuff, but does have multipath code in it if multipath is compiled in.
>
> Currently on rule-based forwarding there's a double-route-table penalty
> on the outbound traffic. I'll probably address this in b4 also.
>
> Chris.
> --
> == chris@easynet.net, chrisy@flix.net, chrisy@flirble.org.
> == Head of Systems for Easynet Group PLC.
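
The quoted README says the diverted packet is left untouched, so getsockname() on the accepted socket reports the address the client dialled. The following is an added example, not code from the mpath package: it shows that behaviour with ordinary sockets, where a wildcard listener still learns the exact destination. It assumes loopback stands in for diverted traffic (no ipfw rule is installed), and `dialled_address` is a hypothetical helper name.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Accept one connection on a wildcard (0.0.0.0) listener and report, via
 * getsockname() on the ACCEPTED socket, the address the client dialled.
 * Returns 0 on success, -1 on any socket error. */
int dialled_address(const char *dial_ip, char *out, size_t outlen, int *same_port)
{
    struct sockaddr_in lsn, dst, got;
    socklen_t len = sizeof(lsn);
    int rc = -1, l, c, a = -1;

    memset(&lsn, 0, sizeof(lsn));              /* port 0: kernel picks one */
    lsn.sin_family = AF_INET;
    lsn.sin_addr.s_addr = htonl(INADDR_ANY);   /* wildcard bind, as a proxy would */
    l = socket(AF_INET, SOCK_STREAM, 0);
    c = socket(AF_INET, SOCK_STREAM, 0);
    if (l < 0 || c < 0) goto done;
    if (bind(l, (struct sockaddr *)&lsn, sizeof(lsn)) < 0 || listen(l, 1) < 0) goto done;
    if (getsockname(l, (struct sockaddr *)&lsn, &len) < 0) goto done; /* learn the port */

    /* Client side: dial one specific address (constructed sample input). */
    dst = lsn;
    if (inet_pton(AF_INET, dial_ip, &dst.sin_addr) != 1) goto done;
    if (connect(c, (struct sockaddr *)&dst, sizeof(dst)) < 0) goto done;

    /* Proxy side: the accepted socket's local name is the dialled destination. */
    a = accept(l, NULL, NULL);
    len = sizeof(got);
    if (a < 0 || getsockname(a, (struct sockaddr *)&got, &len) < 0) goto done;
    if (!inet_ntop(AF_INET, &got.sin_addr, out, (socklen_t)outlen)) goto done;
    *same_port = (got.sin_port == dst.sin_port);
    rc = 0;
done:
    if (a >= 0) close(a);
    if (c >= 0) close(c);
    if (l >= 0) close(l);
    return rc;
}

int main(void)
{
    char ip[INET_ADDRSTRLEN];
    int same = 0;
    if (dialled_address("127.0.0.1", ip, sizeof(ip), &same) == 0)
        printf("client dialled %s (port match: %d)\n", ip, same);
    return 0;
}
```

A proxy fed by such a rule sees arbitrary remote addresses here, so it should check the returned destination against its own addresses and policy before connecting onward.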