From owner-cvs-sys Sun Jul 5 20:21:40 1998 Return-Path: Received: (from daemon@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA21886 for cvs-sys-outgoing; Sun, 5 Jul 1998 20:21:40 -0700 (PDT) (envelope-from owner-cvs-sys) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA21786; Sun, 5 Jul 1998 20:20:31 -0700 (PDT) (envelope-from julian@FreeBSD.org) From: Julian Elischer Received: (from julian@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id UAA10554; Sun, 5 Jul 1998 20:20:28 -0700 (PDT) Date: Sun, 5 Jul 1998 20:20:28 -0700 (PDT) Message-Id: <199807060320.UAA10554@freefall.freebsd.org> To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-sbin@FreeBSD.ORG, cvs-sys@FreeBSD.ORG Subject: cvs commit: src/sbin/ipfw ipfw.8 ipfw.c src/sys/netinet in.h ip_fw.c ip_fw.h ip_input.c ip_output.c ip_var.h tcp_input.c Sender: owner-cvs-sys@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk julian 1998/07/05 20:20:28 PDT Modified files: sbin/ipfw ipfw.8 ipfw.c sys/netinet in.h ip_fw.c ip_fw.h ip_input.c ip_output.c ip_var.h tcp_input.c Log: Support for IPFW based transparent forwarding. Any packet that can be matched by a ipfw rule can be redirected transparently to another port or machine. Redirection to another port mostly makes sense with tcp, where a session can be set up between a proxy and an unsuspecting client. Redirection to another machine requires that the other machine also be expecting to receive the forwarded packets, as their headers will not have been modified. /sbin/ipfw must be recompiled!!! Reviewed by: Peter Wemm Submitted by: Chrisy Luke Revision Changes Path 1.43 +25 -1 src/sbin/ipfw/ipfw.8 1.58 +31 -2 src/sbin/ipfw/ipfw.c 1.36 +2 -2 src/sys/netinet/in.h 1.92 +40 -5 src/sys/netinet/ip_fw.c 1.33 +4 -1 src/sys/netinet/ip_fw.h 1.92 +48 -12 src/sys/netinet/ip_input.c 1.76 +132 -7 src/sys/netinet/ip_output.c 1.42 +4 -1 src/sys/netinet/ip_var.h 1.79 +29 -1 src/sys/netinet/tcp_input.c