From owner-freebsd-hackers  Fri Jul 19 10:54:09 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id KAA10439
          for hackers-outgoing; Fri, 19 Jul 1996 10:54:09 -0700 (PDT)
Received: from ref.tfs.com ([206.245.251.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA10434
          for <freebsd-hackers@freebsd.org>; Fri, 19 Jul 1996 10:54:07 -0700 (PDT)
Received: (from julian@localhost) by ref.tfs.com (8.7.5/8.7.3) id KAA26403; Fri, 19 Jul 1996 10:53:54 -0700 (PDT)
Message-Id: <199607191753.KAA26403@ref.tfs.com>
Subject: Re: IP masquerading over tunel device
To: avalon@coombs.anu.edu.au (Darren Reed)
Date: Fri, 19 Jul 1996 10:53:54 -0700 (PDT)
From: "JULIAN Elischer" <julian@ref.tfs.com>
Cc: noel@harleystreet.com, freebsd-hackers@freebsd.org
In-Reply-To: <199607191722.KAA09210@freefall.freebsd.org> from "Darren Reed" at Jul 20, 96 03:22:25 am
X-Mailer: ELM [version 2.4 PL25 ME8b]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

darren, your web page seems to point to a non existantfile 
(or so netscape says..
ftp://coombs.anu.edu.au/pub/net/kernel/ip-fil3.1.0.tar.gz
retunrs an error)

I'm surprised that I haven't heard more about this..
oh well.

so this is a kernel module(!?)
I thought it was a user process

so now we have two conflicting competing kernel ip filters..
(aint competition great?)

is this the original ip filtering package someone submitted back
in the old 386BSD days?

julian
> 
> 
> 
> In some mail from Noel Burton-Krahn, sie said:
> > 
> > I'm not sure what you mean by the "NAT implementation" in ipfilter.  =
> > from the docs, I see that ipfilter can detect packets that would need to =
> > be edited in an IP masquerading sense, but can ipfilter remove those =
> > packets from the IP code in the kernel and re-insert edited packets?
> 
> "re-insert" ?
> 
> It just changes them on their way through.
> 
> However, NAT wasn't `officially' part of IP Fitler until about 2 weeks ago,
> although it was present, when 3.1.0 was released (also made the transparent
> proxy stuff `official').
> 
> Have another look at the web pages, in particular this one:
> 
> http://coombs.anu.edu.au/~avalon/ipfil-flow.html
> 
> which shows how the various stages interact in how packets are passed
> through.
> 
> Darren
>