Date: Mon, 1 Jun 2009 12:50:25 +0200 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: freebsd-net@FreeBSD.org Cc: mlaier@FreeBSD.org Subject: PF's divert-to and divert-reply functionality. Message-ID: <20090601105024.GC1542@garage.freebsd.pl>
next in thread | raw e-mail | index | archive | help
--xo44VMWPx7vlQ2+2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi there. I ported PF changes to make IP_BINDANY option usable on FreeBSD. I didn't port kernel changes from OpenBSD (except for extending this functionality for RAW IP sockets), because we had most of the code in place already used by ipfw forward code (IPFIREWALL_FORWARD option). I still had to implement it for UDP, because IPFIREWALL_FORWARD option changes address and port and I one to be able to find original destination when using IP_RECVDSTADDR in conjunction with recvmsg(2). The patch is here: http://people.freebsd.org/~pjd/patches/transparent_proxy.patch I'm looking for reviewers and testers. PS. IPv6 support is partially implemented (it isn't also for IPFIREWALL_FORWARD option). --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --xo44VMWPx7vlQ2+2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFKI7JwForvXbEpPzQRAgNjAJ47ZqGs6re8ozEc3fycqyuW49U61wCg1VyV AqfiTlv0ca6Ae8NST1OCSK0= =4dTH -----END PGP SIGNATURE----- --xo44VMWPx7vlQ2+2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090601105024.GC1542>