From owner-freebsd-hackers Thu Jan 14 11:16:15 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA21509 for freebsd-hackers-outgoing; Thu, 14 Jan 1999 11:16:15 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.force9.co.uk [195.166.136.63]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA21364; Thu, 14 Jan 1999 11:15:58 -0800 (PST) (envelope-from brian@Awfulhak.org) Received: from keep.lan.Awfulhak.org (brian@keep.lan.Awfulhak.org [172.16.0.8]) by awfulhak.org (8.8.8/8.8.8) with ESMTP id TAA23988; Thu, 14 Jan 1999 19:13:09 GMT (envelope-from brian@Awfulhak.org) Received: from keep.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by keep.lan.Awfulhak.org (8.9.2/8.9.1) with ESMTP id IAA44236; Thu, 14 Jan 1999 08:51:57 GMT (envelope-from brian@keep.lan.Awfulhak.org) Message-Id: <199901140851.IAA44236@keep.lan.Awfulhak.org> X-Mailer: exmh version 2.0.2 2/24/98 To: Eivind Eklund cc: "Joseph T. Lee" , hackers@FreeBSD.ORG, Charles Mott , Ari Suutari Subject: Re: libalias and ident (& API changes) In-reply-to: Your message of "Thu, 14 Jan 1999 04:29:51 +0100." <19990114042951.I76923@bitbox.follo.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 14 Jan 1999 08:51:57 +0000 From: Brian Somers Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [Charles & Ari cc'd] [discussion about supporting ident queries back through libalias] > On Wed, Jan 13, 1999 at 02:22:45PM -0800, Joseph T. Lee wrote: > > Any better ways to hack around this crux would be most welcome. > > I think the only way to do this is > > (1) 'Take over' port 113, faking an endpoint for all connections to > it. > (2) When the actual request comes in, parse it to find out which > alias_link it belongs to. If it doesn't belong to any, synthezise a > 'not found' response and be done. Otherwise, start creating a > TCP-connection to true target, where you'll be repeating the request > (with appropriate sequence number skew etc). > (3) Create an alias_link for the ingoing connection. > > Of course, all of this requires that you are able to synthesise new > packets, not just modify or drop packets. The present libalias API is > not up to it; the API must be re-done, and all the clients updated. > > While we're at it, I think the library should be renamed to libnat. > The code should also be made to not use these enormous amounts of > global data, but instead work on data structures passed in by the > client - this allow several instances in a single unit, and makes it > much more suitable for more serious use. I agree with the data localisation and don't really care one way or the other about the naming. However, Charles Mott (the libalias author - cc'd) had something to say about this last time it was discussed IIRC. > Eivind. -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message