Date: Tue, 9 Jun 1998 22:06:39 -0700 (PDT) From: Julian Elischer <julian@whistle.com> To: current@FreeBSD.ORG Subject: Annnonce: Transparent proxy patches Message-ID: <Pine.BSF.3.95.980609213531.26901N-100000@current1.whistle.com>
next in thread | raw e-mail | index | archive | help
Chrisy Luke <chrisy@flix.net> posted a mixed set of patches recently that added the ability to do transparent proxying to FreeBSD, however there were several shortcomings. 1/ In particular you really needed 2 machines or to match 2 different rules to be able to do some redirections. 2/ They were part of his 'multipath' patches. I have separated them out and updted them for -current. I have also put in some code to allow local redirection of outgoing packets. they allow you to do: ipfw add 2 fwd localhost,4000 tcp from any to any 80 out xmit tun0 recv ed0 which would redirect any out going internet http requests from your local network to your local web cache (squid?) at port 4000 or even ipfw add 2 fwd localhost tcp from any to any in recv ed0 Which will 'capture' all packets coming through that machine from ed0 and redirect them to the same port on the local machine. This would allow you to feed connections to a whole pile of proxies and filters with a single firewall rule. for fun: ipfw add 2 fwd localhost,25 tcp from any to any 23 in recv ed0 which will redirect all the telnet sessions to smtp :-) alternatively you could redirect all outgoing http requests to a special cache machine ("squid").. #squid can get anywhere.. ipfw add 1 allow tcp from squid to any 80 #everyone else goes via squid ipfw add 2 fwd squid,80 tcp from any to any 80 out xmit tun0 recv ed0 of course machine squid needs a local redirect to capture the requests.. #gobble ipfw add 2 fwd localhost tcp from any to any 80 in I believe Linux has had this for a short while.. The patches for this are at: http://www.freebsd.org/~julian looking for feedback.. julian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.980609213531.26901N-100000>