Date: Tue, 29 Dec 1998 16:05:05 +0100 From: Adrian Chadd <adrian@FreeBSD.ORG> To: freebsd-current@FreeBSD.ORG Subject: Re: Transproxy: IPFilter or IPFW (was RE:wanton atticizing ...) Message-ID: <199812291505.QAA03260@ywing.creative.net.au> In-Reply-To: Your message of "Tue, 29 Dec 1998 13:32:27 %2B0200." <Pine.BSF.4.02.9812291320310.24995-100000@NetSurfer.lp.lviv.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
pam@polynet.lviv.ua writes: >Hi everybody, > >In the discussion about transparent proxy support everybody should >remember about transparent support of other protocols besides HTTP. It is >only use of Host headers, that gives Squid ability to do transparency >without patching the source. > >Taking into consideration other protocols - Telnet, FTP, POP3, etc proxy >needs to get information about connection destination and THAT is specific >for redirection scheme. E.g IPFilter has a ioctl to get destination. > >I haven't seen any sample code for doing that under IPFW, should I use >getsockname or what? > >For me, it is extremely inconvinient to have two filtering solutions on >FreeBSD each having some unique features - Luigi's Dummynet for IPFW and >platform independence and supported by other applications like FWTK, >transparent proxy support of IPFilter :-( Erm, have you used the 'fw' hook yet? It behaves the same as Linux's transparent redirection facility. If you call getsockname() it will tell you where it was trying to connect to. From there you can do all sorts of useful things. IPFilter would be nice by default in a kernel *if* it was default with linux and all the other *bsd derivatives out there. To my knowledge (putting on flame proof bits here of course..) under those platforms you still have to grab IPFilter and compile it, why should it be any different in FreeBSD? (Although again, I'm not sure whether all the other *BSDs use ipfilter by default these days...) Adrian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812291505.QAA03260>