Date: Tue, 8 Jan 2008 11:10:24 +0900 From: "Adrian Chadd" <adrian@freebsd.org> To: "Andre Oppermann" <andre@freebsd.org> Cc: Perforce Change Reviews <perforce@freebsd.org> Subject: Re: PERFORCE change 132710 for review Message-ID: <d763ac660801071810i1a20eaf9if59e265a0527e04e@mail.gmail.com> In-Reply-To: <4782A21C.2060504@freebsd.org> References: <200801071418.m07EIwNn036146@repoman.freebsd.org> <4782A21C.2060504@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 08/01/2008, Andre Oppermann <andre@freebsd.org> wrote: > Reinventing the wheel? Have a look at IPFIREWALL_FORWARD > which supports transparent proxying as well. Yes, but redirects it to a local listen() socket, effectively spoofing the destination IP. The client (ie, the computer making the connect()) thinks its talking to the original destination. This is meant to implement the other end - spoofing the local IP on sockets that you connect() to, spoofing the local IP and not the destination IP. This is intended to let a FreeBSD box (with relevant symmetrical routing) pretend to be a client on a connect() to a remote server. If this can be done within pf/ipfw right now then please let me know. :) adrian -- Adrian Chadd - adrian@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d763ac660801071810i1a20eaf9if59e265a0527e04e>