From owner-freebsd-hackers Wed Jan 29 13:32:21 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA22856 for hackers-outgoing; Wed, 29 Jan 1997 13:32:21 -0800 (PST)
Received: from darkstar (ras527.srv.net [205.180.127.27]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id NAA22827 for ; Wed, 29 Jan 1997 13:32:13 -0800 (PST)
Received: (from cmott@localhost) by darkstar (8.6.12/8.6.12) id OAA01100; Wed, 29 Jan 1997 14:31:48 -0700
Date: Wed, 29 Jan 1997 14:31:47 -0700 (MST)
From: Charles Mott
X-Sender: cmott@darkstar
To: Darren Reed
cc: hackers@freebsd.org
Subject: Re: ipdivert & masqd
In-Reply-To: <9701292125.AA24747@snake.srv.net>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 30 Jan 1997, Darren Reed wrote:

> In some mail from Charles Mott, sie said:
> >
> > > But anything after the 512th data byte in the TCP payload will be ignored,
> > > so if your message is 512 bytes long, contains a DCC request in it,
> > > information will be lost that the sender is not aware about (this assumes
> > > the packet is just one IRC message) if the payload size must increase as
> > > a result.
> > >
> > > It is a *much* better idea to redirect IRC to a local TCP port and process
> > > it using a proxy agent. Same could also be said for FTP.
> > >
> > > Darren
> >
> > Darren,
> >
> > In theory, one can construct cases where the FTP logic in the packet
> > aliasing software won't work (IP fragmenting a PORT command, or where the
> > PORT command is split between TCP packets with different sequence numbers,
> > or where the PORT command is in the middle of a packet, and so forth).
> >
> > In practice, these situations are not seen, and the packet aliasing
> > software works for FTP. The system loading is very low, and the software
> > easily scales to situations where there are large numbers of users.
> >
> > I don't know about IRC, but my guess is that the real situation is simpler
> > than the theoretical. Whatever Linux does to handle IRC, I am told that
> > it looks fairly similar to what one does for FTP.
>
> Well, in practice, the TIS FWTK/Gauntlet was sending the FTP PORT command
> in two packets, so that Linux would break and so too did Firewall-1.
>
> Darren
>

That is curious. What does TIS FWTK/Gauntlet do?

Charles Mott
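
Added example, not part of the original messages and not code from the packet aliasing software or any product named in the thread: a Python comparison of rewriting an FTP PORT command one TCP segment at a time against reassembling the control stream in a proxy, for the case where the command is split across two segments. All names, addresses, ports and the MAX_LINE cap are constructed assumptions.

```python
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 followed by CRLF.
PORT_RE = re.compile(rb"PORT \d{1,3}(,\d{1,3}){5}\r\n")
MAX_LINE = 512  # assumed cap on an unterminated control line


def port_command(ip, port):
    """Build a PORT command for an IPv4 address and TCP port."""
    fields = ip.split(".") + [str(port >> 8), str(port & 0xFF)]
    return b"PORT " + ",".join(fields).encode() + b"\r\n"


def alias_per_packet(segments, public_ip, public_port):
    """Rewrite each segment in isolation, as a per-packet rewriter does."""
    new = port_command(public_ip, public_port)
    return [PORT_RE.sub(lambda m: new, seg) for seg in segments]


class ControlProxy:
    """Reassemble the control stream; rewrite only complete command lines."""

    def __init__(self, public_ip, public_port):
        self.new = port_command(public_ip, public_port)
        self.buf = b""

    def feed(self, segment):
        """Take one segment's payload; return the bytes ready to forward."""
        self.buf += segment
        out = b""
        while b"\r\n" in self.buf:
            line, self.buf = self.buf.split(b"\r\n", 1)
            line += b"\r\n"
            out += self.new if PORT_RE.fullmatch(line) else line
        if len(self.buf) > MAX_LINE:
            raise ValueError("control line too long without CRLF")
        return out


# Constructed sample traffic: the same PORT command sent whole and split.
PRIVATE = port_command("192.168.1.10", 4135)
WHOLE = [b"USER anonymous\r\n", PRIVATE]
SPLIT = [b"USER anonymous\r\n", PRIVATE[:13], PRIVATE[13:]]

if __name__ == "__main__":
    for name, segs in (("whole", WHOLE), ("split", SPLIT)):
        proxy = ControlProxy("203.0.113.5", 50000)
        print(name, "per-packet:", b"".join(alias_per_packet(segs, "203.0.113.5", 50000)))
        print(name, "proxy:     ", b"".join(proxy.feed(s) for s in segs))
```

With the split input the per-packet path forwards the private address unchanged, while the proxy holds the partial line until its CRLF arrives and then rewrites it.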