From owner-freebsd-hackers  Sat Jul 26 14:27:37 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id OAA21061
          for hackers-outgoing; Sat, 26 Jul 1997 14:27:37 -0700 (PDT)
Received: from garbo.lodgenet.com (garbo.lodgenet.com [204.124.122.252])
          by hub.freebsd.org (8.8.5/8.8.5) with SMTP id OAA21053
          for <freebsd-hackers@FreeBSD.ORG>; Sat, 26 Jul 1997 14:27:34 -0700 (PDT)
Received: from schmeggie.knight-trosoft.com (jprince-home.lodgenet.com [10.0.9.53]) by garbo.lodgenet.com (8.6.12/8.6.9) with ESMTP id QAA26283; Sat, 26 Jul 1997 16:24:40 -0500
Received: from knight.knight-trosoft.com (knight.knight-trosoft.com [192.168.200.1])
	by schmeggie.knight-trosoft.com (8.8.5/8.8.5) with ESMTP id QAA00577;
	Sat, 26 Jul 1997 16:24:17 -0500 (CDT)
Received: from knight.knight-trosoft.com (localhost.knight-trosoft.com. [127.0.0.1])
	by knight.knight-trosoft.com (8.8.5/8.8.5) with ESMTP id QAA12726;
	Sat, 26 Jul 1997 16:24:16 -0500 (CDT)
Message-Id: <199707262124.QAA12726@knight.knight-trosoft.com>
X-Mailer: exmh version 2.0gamma 1/27/96
To: FreeBSD Technical Reader <kernel@acromail.ml.org>
cc: "Daniel O'Callaghan" <danny@panda.hilink.com.au>,
        Dan Janowski <danj@3skel.com>, hackers <freebsd-hackers@FreeBSD.ORG>
Subject: Re: ipfw divert, transparent proxy 
In-reply-to: Your message of "Sat, 26 Jul 1997 12:32:31 PDT."
             <Pine.BSF.3.96.970726123020.9794C-100000@acromail.ml.org> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Sat, 26 Jul 1997 16:24:15 -0500
From: John Prince <johnp@knight-trosoft.com>
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Who is ``FreeBSD Technical Reader'' 
--John

FreeBSD Technical Reader writes:
> 
> I know I could be banned for life for saying this --- but you could also
> use a linux machine and the ipmasquerading built into the kernel for doing
> this, there are no equivalent features in FreeBSD and it works much better
> than natd (Ipmasquerading is one of the things i miss from linux). Please
> forgive me for this sin.
> 
> On Thu, 24 Jul 1997, Daniel O'Callaghan wrote:
> 
> > On Thu, 24 Jul 1997, Dan Janowski wrote:
> > 
> > > I am replacing an old TIS firewall that has one very
> > > interesting feature that I am looking to provide with my
> > > FreeBSD 2.2.2 box. It is this:
> > > 
> > > They use ipfs which has the capability of "transparently" doing
> > > packet re-rerouting and, thereby, proxy transparently.
> > 
> > It is a nice feature, and divert sockets is the way to do it in FreeBSD, 
> > but it has not been done yet.  <peter@clari.net.au> got half-way through 
> > a transparent http proxy using divert sockets, but did a tcpdump analysis 
> > of his customers' traffic and found that < 1% were not using the proxy, 
> > so he did not bother finishing the code (too busy on paying work).
> > 
> > Danny
> > 
> 
>