From owner-freebsd-hackers Thu Jan 30 01:49:02 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id BAA01670 for hackers-outgoing; Thu, 30 Jan 1997 01:49:02 -0800 (PST) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id BAA01664 for ; Thu, 30 Jan 1997 01:48:59 -0800 (PST) Message-Id: <199701300948.BAA01664@freefall.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA152817733; Thu, 30 Jan 1997 20:48:53 +1100 From: Darren Reed Subject: Re: ipdivert & masqd To: cmott@srv.net Date: Thu, 30 Jan 1997 20:48:53 +1100 (EDT) Cc: hackers@freebsd.org In-Reply-To: <199701300526.VAA20592@freefall.freebsd.org> from "Darren Reed" at Jan 30, 97 04:26:18 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In some mail from Darren Reed, sie said: > > > > The point is, it isn't Gauntlet or the Firewall Toolkit which is doing > > > anything wrong, it is the "transparent proxy" which makes bad assumptions > > > (although 99% of the time it gets away with them). > > Your comments are interesting, but your attitude is not constructive in > > my view. > > This probably reflects my frustration of how difficult it is to > implement properly. And more to the point, ipmasqd/ipdivertd are in a good position to do it properly so some effort should be made to see what can be done to create a solution that overcomes deficincies in other existing systems. Wasting this oppotunity doesn't seem very sensible (to me). IMHO, some effort should be made to attempt to "do it properly". Maybe the "simpler" solutions could be imlpemented but they should be done so only with a clear understanding that its a temporary solution and work is being done on fixing it. (Is that a bit more constructive ?) Darren