Date: Sat, 26 Jul 1997 16:24:15 -0500 From: John Prince <johnp@knight-trosoft.com> To: FreeBSD Technical Reader <kernel@acromail.ml.org> Cc: "Daniel O'Callaghan" <danny@panda.hilink.com.au>, Dan Janowski <danj@3skel.com>, hackers <freebsd-hackers@FreeBSD.ORG> Subject: Re: ipfw divert, transparent proxy Message-ID: <199707262124.QAA12726@knight.knight-trosoft.com> In-Reply-To: Your message of "Sat, 26 Jul 1997 12:32:31 PDT." <Pine.BSF.3.96.970726123020.9794C-100000@acromail.ml.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Who is ``FreeBSD Technical Reader'' --John FreeBSD Technical Reader writes: > > I know I could be banned for life for saying this --- but you could also > use a linux machine and the ipmasquerading built into the kernel for doing > this, there are no equivalent features in FreeBSD and it works much better > than natd (Ipmasquerading is one of the things i miss from linux). Please > forgive me for this sin. > > On Thu, 24 Jul 1997, Daniel O'Callaghan wrote: > > > On Thu, 24 Jul 1997, Dan Janowski wrote: > > > > > I am replacing an old TIS firewall that has one very > > > interesting feature that I am looking to provide with my > > > FreeBSD 2.2.2 box. It is this: > > > > > > They use ipfs which has the capability of "transparently" doing > > > packet re-rerouting and, thereby, proxy transparently. > > > > It is a nice feature, and divert sockets is the way to do it in FreeBSD, > > but it has not been done yet. <peter@clari.net.au> got half-way through > > a transparent http proxy using divert sockets, but did a tcpdump analysis > > of his customers' traffic and found that < 1% were not using the proxy, > > so he did not bother finishing the code (too busy on paying work). > > > > Danny > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707262124.QAA12726>