From owner-freebsd-net  Fri May 15 06:34:34 1998
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA23542
          for freebsd-net-outgoing; Fri, 15 May 1998 06:34:34 -0700 (PDT)
          (envelope-from owner-freebsd-net@FreeBSD.ORG)
Received: from osku.suutari.iki.fi (kn6-045.ktvlpr.inet.fi [194.197.169.45])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA23254
          for <freebsd-net@FreeBSD.ORG>; Fri, 15 May 1998 06:32:59 -0700 (PDT)
          (envelope-from ari@suutari.iki.fi)
Received: from suutari.iki.fi (mocha.intranet.syncrontech.com [192.168.2.3])
	by osku.suutari.iki.fi (8.8.7/8.8.5) with ESMTP id QAA11536;
	Fri, 15 May 1998 16:32:40 +0300 (EET DST)
Message-ID: <355C4626.5B8EAF27@suutari.iki.fi>
Date: Fri, 15 May 1998 16:41:58 +0300
From: Ari Suutari <ari@suutari.iki.fi>
X-Mailer: Mozilla 4.05 [en] (WinNT; I)
MIME-Version: 1.0
To: Julian Elischer <julian@whistle.com>
CC: Philippe Regnauld <regnauld@deepo.prosa.dk>, freebsd-net@FreeBSD.ORG,
        cmott@srv.net
Subject: Transparent proxying (was: IPFW + natd -redirect_port)
References: <Pine.BSF.3.95.980515004045.12303B-100000@current1.whistle.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

Julian Elischer wrote:
> 
> I say an announcement a few weeks ago of transparent proxying...
> was that you?
> 

	There was some discussion about it a few weeks ago which
	lead to Charles starting to write transparent proxying part
	for libalias and me starting to integrate it into natd.

	After that, we ended up with a test version (which mostly works)
	but it has been quite silent after that (for me, the reason
	was being busy at work). There is still some work left in
	address encoding, but the basic things work quite well and
	the system is quite usable with squid and browsers that
	send Host: -line.

	Also, someone should modify the 'transproxy' to understand
	destination encoding done by libalias if the system should
	support transparent proxying with older browsers that don't
	send Host: -line.

	I have also been using this to transparently tunnel TCP connections
	to customers who offer only ssh logon to one host at their network.
	Works great (we are running http, telnet, oracle and netbios
	over it at work).  I was going to do transproxy modifications 
	because of this, but transproxy wasn't suitable this kind of 
	weird operation (I ended up in writing a simple tcp connection 
	forwarder myself).

		Ari S.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message