From owner-freebsd-hackers Thu Jun 4 13:14:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA25152 for freebsd-hackers-outgoing; Thu, 4 Jun 1998 13:14:26 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from mailhub.scl.ameslab.gov (mailhub.scl.ameslab.gov [147.155.137.127]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA25041; Thu, 4 Jun 1998 13:13:53 -0700 (PDT) (envelope-from ghelmer@scl.ameslab.gov) Received: from demios.ether.scl.ameslab.gov ([147.155.137.54] helo=demios.scl.ameslab.gov) by mailhub.scl.ameslab.gov with smtp (Exim 1.90 #1) id 0yhgOE-0003V5-00; Thu, 4 Jun 1998 15:13:34 -0500 Date: Thu, 4 Jun 1998 15:13:43 -0500 (CDT) From: Guy Helmer To: Julian Elischer cc: hackers@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: Transparent packet diversion: Where is it? In-Reply-To: <3576DE84.ED153D95@adinet.com.uy> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 4 Jun 1998, Angelo Nardone wrote: > Julian Elischer wrote: > > > A month or so ago, someone announced a package that > > did redirection of packets to arbitrary places. > > > > I remember the comment > > "it's wierd seeing all those foreign adresses in the netstat listing". Perhaps this was what you were looking for: Date: Thu, 30 Apr 1998 21:06:04 +0100 From: Chrisy Luke To: freebsd-hackers@FreeBSD.ORG Subject: Beta 3 release of Multipath routing and friends. ftp://ftp.flirble.org/pub/unix/hacks/FreeBSD/mpath.b3.tgz README attached. A few fixes to the Multipath code. The metric stuff and the persistant route caching will come in b4. This code mostly adds support to the ipfw interface and code to support two things, which are based on the same thing: * Directing INCOMING traffic that match rules to a LOCAL TCP port. This is intended for transparent proxying without external calls to a LKM, it also doesn't touch the packet, so getsockname() works so there's also no need for a subsequent IOCTL to work out what the original destination/port was. It's freaky seeing random remote IP's listed as "Local addresses" in netstat! BSD-router-speed transparent diversion... :-) * Modifying the next-hop address of OUTBOUND traffic that matches the rule. My intention for this is to direct web traffic from a core router to a transparent proxy. David Sharnoff also wanted something similar, and the functionality of this thus extends to doing a route table lookup on the specified next-hop and using the route to it, meaning the next-hop doesn't need to be on a directly reachable interface. Remember though, this code only forwards to a directly reachable machine! It doesn't deliver it to the specified next-hop! TCP port numbers are ignored if this rule comes into affect. The rule-based forwarding mechanism is independant of the Multipath stuff, but does have multipath code in it if multipath is compiled in. Currently on rule-based forwarding there's a douvle-route-table penalty on the outbound traffic. I'll probably address this in b4 also. Chris. -- == chris@easynet.net, chrisy@flix.net, chrisy@flirble.org. == Head of Systems for Easynet Group PLC. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message