From owner-freebsd-questions  Mon Nov 20 10:44:20 1995
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id KAA27304
          for questions-outgoing; Mon, 20 Nov 1995 10:44:20 -0800
Received: from bubba.tribe.com ([205.184.207.7])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id KAA27295
          for <freebsd-questions@freebsd.org>; Mon, 20 Nov 1995 10:44:18 -0800
Received: (from archie@localhost) by bubba.tribe.com (8.6.12/8.6.12) id KAA20318; Mon, 20 Nov 1995 10:42:19 -0800
From: Archie Cobbs <archie@tribe.com>
Message-Id: <199511201842.KAA20318@bubba.tribe.com>
Subject: Re: IP Masquerading under FreeBSD?
To: serges@umr.edu (Doug S.)
Date: Mon, 20 Nov 1995 10:42:18 -0800 (PST)
Cc: d_burr@ix.netcom.com, freebsd-questions@freebsd.org
In-Reply-To: <m0tGhQR-0004KaC@nero.x10siv.org> from "Doug S." at Nov 18, 95 01:10:59 am
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1106      
Sender: owner-questions@freebsd.org
Precedence: bulk


> I while back I had (and still have) the need to do this. It is such a
> powerful feature that I dont know why its not available under FreeBSD.
> (And Im not completely sure that its available under Linux. Anyone using
> it?)
> 
> Im also curious about the implementation. How does the kernel encode the
> the internal hosts' IP address? Does it keep an internal list or does it 
> save it in the IP packet? Where would it place the address (does anyone
> have a Stevens book handy? :) 

The way this works is by remapping TCP and UDP port numbers, and keeping
an internal mapping of (ExternalPort) <-> (InternalIp, InternalPort) for
both TCP and UDP. As packets fly by you just change their source or
destination according to the table. New outgoing packets cause a new
(unused) external port to be allocated.

So most apps work, but you can't ping from the inside, for example (because
ping uses ICMP which is neither TCP nor UDP).

-Archie

_______________________________________________________________________________
Archie L. Cobbs, archie@tribe.com  *  Tribe Computer Works http://www.tribe.com