From owner-freebsd-net Thu Nov 23 16: 2:39 2000 Delivered-To: freebsd-net@freebsd.org Received: from modemcable101.200-201-24.mtl.mc.videotron.ca (modemcable140.61-201-24.mtl.mc.videotron.ca [24.201.61.140]) by hub.freebsd.org (Postfix) with SMTP id A1FA737B4CF for ; Thu, 23 Nov 2000 16:02:35 -0800 (PST) Received: (qmail 35308 invoked from network); 24 Nov 2000 00:02:32 -0000 Received: from patrak.local.mindstep.com (HELO PATRAK) (192.168.10.4) by jacuzzi.local.mindstep.com with SMTP; 24 Nov 2000 00:02:32 -0000 Message-ID: <0dba01c055a9$ef7e9c20$040aa8c0@local.mindstep.com> From: "Patrick Bihan-Faou" To: "Josh Tiefenbach" Cc: References: <00Nov23.162928edt.453134-28539@jane.cs.toronto.edu> <3A1DA3F2.9C02F1B7@elischer.org> <0d9101c055a4$a1d5ba30$040aa8c0@local.mindstep.com> <20001123183543.A59950@zipperup.org> Subject: Re: PPPoE, nat, dsl, some web sites Date: Thu, 23 Nov 2000 19:03:11 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > It would be nice if there was a way to use tcpmssd (or equiv functionality) > for those of us who prefer to use IPFilter/ipnat rather than ipfw/natd to > implement firewalls. > > For the record, is there a way to get ipfw and ipfilter to interact properly > so I can use tcpmssd? Or divert sockets for that matter. > > The flip side is, does anyone know of any efforts to port divert > sockets to the ipfilter framework? Yep this is really where the work is: if you can get ipfilter to use divert sockets this should not be too difficult. On the other hand, the work done in tcpmssd is really not difficult (I came up with the original code (in libalias) in a couple of hours) and can easily be integrated in whatever ipfilter uses for nat. Patrick. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message