From owner-freebsd-questions Mon May 20 22:13:13 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id WAA27125 for questions-outgoing; Mon, 20 May 1996 22:13:13 -0700 (PDT) Received: from tenet.CS.Berkeley.EDU (root@tenet.CS.Berkeley.EDU [128.32.33.109]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id WAA27120 for ; Mon, 20 May 1996 22:13:11 -0700 (PDT) Received: from conviction.CS.Berkeley.EDU (conviction.CS.Berkeley.EDU [128.32.33.103]) by tenet.CS.Berkeley.EDU (8.6.11/8.6.6) with ESMTP id WAA14495; Mon, 20 May 1996 22:13:08 -0700 Received: from conviction.CS.Berkeley.EDU (localhost.Berkeley.EDU [127.0.0.1]) by conviction.CS.Berkeley.EDU (8.6.11/1.3-tenet) with ESMTP id WAA24403; Mon, 20 May 1996 22:13:06 -0700 Message-Id: <199605210513.WAA24403@conviction.CS.Berkeley.EDU> X-Mailer: exmh version 1.6.7 5/3/96 To: Tony Kimball cc: terry@lambert.org, bmah@cs.berkeley.edu, questions@freebsd.org Subject: Re: ip masquerading In-reply-to: Your message of "Tue, 21 May 1996 00:03:18 CDT." <199605210503.AAA19856@compound.Think.COM> From: bmah@cs.berkeley.edu (Bruce A. Mah) Reply-to: bmah@cs.berkeley.edu X-Face: g~c`.{#4q0"(V*b#g[i~rXgm*w;:nMfz%_RZLma)UgGN&=j`5vXoU^@n5v4:OO)c["!w)nD/!!~e4Sj7LiT'6*wZ83454H""lb{CC%T37O!!'S$S&D}sem7I[A 2V%N&+ Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 20 May 1996 22:13:03 -0700 Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Tony Kimball writes: > From: Terry Lambert > Date: Mon, 20 May 1996 21:30:39 -0700 (MST) > > > Host, protocol could be encoded in the port number. > > You have *got* to be kidding! > > Hey, I'm not the one who wants to recover state. I'm just trying > to scam out how it could be done. You've got a good 15.97 bits to > work with... I'd rather not recover state either. That was my point. :-) It's also kind of hard to cram 32 bits of IP address and X bits of port/application/whatever (where X is small) into 16 bits of port number, without needing some other kind of shared state. > > > It would be nice to pull out the rewriting stuff into loadable > > > rule sets. > > > > It would be nicer to not need them. > > > > Not an option, though, is it? > > It is for a real proxy. 8-). > > "real" proxies are still rewriting packets. They're just > spending a lot more to do it. That's okay, though. "Real" proxies transform data in the application layer, not by rewriting packets at the network layer. > The point is to make it work, not to make it work efficiently. To quote Terry: You have *got* to be kidding! :-) Bruce.