Date: Thu, 5 Feb 2009 03:24:41 +0100 From: Mij <mij@bitchx.it> To: freebsd-pf@freebsd.org Subject: bridge and PF for transparent proxy Message-ID: <397AAEFD-1C61-4EB4-8913-461A43EA9E2C@bitchx.it>
next in thread | raw e-mail | index | archive | help
Hello folks, On a FBSD7.1 box I would like to implement this sort of "transparent reverse proxy": inet <---> (vr0)<box>(vr1) <---> host such box is expected to 1) pass transparently anything from inet to host and viceversa 2) redirect some of such traffic (some well-defined TCP connections) from "inet" to an application listening on 127.0.0.1 on the box 3) make this application connect to "host" pretending to be the original source -- that is, using as source address the address of the client that connected to it from inet I use bridge(4) over vr0 and vr1 to implement 1). I use something similar to http://marc.info/?l=openbsd-misc&m=108089194621750&w=2 for 2). Although from the network perspective 3) seems easily feasible as well, I cannot think of a reasonable setup on the box host for it. Anyone has some advice for it?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397AAEFD-1C61-4EB4-8913-461A43EA9E2C>