Date: Wed, 17 Jul 1996 09:42:37 +1000 (EST) From: "Daniel O'Callaghan" <danny@panda.hilink.com.au> To: Noel Burton-Krahn <noel@harleystreet.com> Cc: "'freebsd-hackers@freebsd.org'" <freebsd-hackers@freebsd.org> Subject: RE: IP masquerading over tunel device Message-ID: <Pine.BSF.3.91.960717093620.27376C-100000@panda.hilink.com.au> In-Reply-To: <01BB72FD.0E47CEE0@mcduck.harleystreet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I've been meaning to do this for a while, but never found my round tuit. Pull apart the Linux ipfw code. It is different, but has a similar parentage, and it has the NAT code in it already. Also, the SliRP code has some good stuff on rewriting FTP packets etc. In FreeBSD, it can either be done by making SliRP use tun, instead of stdin/stdout, or by doing it entirely in ipfw. Both make sense. However, in using tun, one may have to add a 'steer' command to ipfw to divert packets to the tun interface based on their origin IP address. This would allow you to do masquerading for one internal network, but not another. Very flexible! On Tue, 16 Jul 1996, Noel Burton-Krahn wrote: > > > > > > I'm condidering hacking IP masquerading into FreeBSD. Options include: > > > 1) something like PPP which extracts packets from the tunnel device, = > > > edits them, and retransmits. > > > 2) modifying the kernel firewall code a la Linux. > > > > > > option #1 seems more elegant to me, but I don't have any docs on the = > > > tunnel device, other than the PPP source. Could someone supply me with = > > > docs? > > > > > > Of course if someone is already trying this, let me know. > > > > > > --Noel > > > > > > > > > > > > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960717093620.27376C-100000>