Date: Tue, 16 Jul 1996 19:41:57 -0700 (PDT) From: "JULIAN Elischer" <julian@ref.tfs.com> To: danny@panda.hilink.com.au (Daniel O'Callaghan) Cc: noel@harleystreet.com, freebsd-hackers@FreeBSD.ORG Subject: Re: IP masquerading over tunel device Message-ID: <199607170241.TAA04643@ref.tfs.com> In-Reply-To: <Pine.BSF.3.91.960717093620.27376C-100000@panda.hilink.com.au> from "Daniel O'Callaghan" at Jul 17, 96 09:42:37 am
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > I've been meaning to do this for a while, but never found my round tuit. > Pull apart the Linux ipfw code. It is different, but has a similar > parentage, and it has the NAT code in it already. Also, the SliRP code has > some good stuff on rewriting FTP packets etc. > > In FreeBSD, it can either be done by making SliRP use tun, instead of > stdin/stdout, or by doing it entirely in ipfw. Both make sense. > However, in using tun, one may have to add a 'steer' command to ipfw > to divert packets to the tun interface based on their origin IP address. > This would allow you to do masquerading for one internal network, but not > another. Very flexible! we've already done this.. see divert(4) in -current and ipfw(8) as well of course > > On Tue, 16 Jul 1996, Noel Burton-Krahn wrote: > > > > > > > > > I'm condidering hacking IP masquerading into FreeBSD. Options include: > > > > 1) something like PPP which extracts packets from the tunnel device, = > > > > edits them, and retransmits. > > > > 2) modifying the kernel firewall code a la Linux. > > > > > > > > option #1 seems more elegant to me, but I don't have any docs on the = > > > > tunnel device, other than the PPP source. Could someone supply me with = > > > > docs? > > > > > > > > Of course if someone is already trying this, let me know. > > > > > > > > --Noel > > > > > > > > > > > > > > > > > > > > > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607170241.TAA04643>