Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 8 Jun 1998 00:10:11 -0300 (EST)
From:      Joao Carlos Mendes Luis <jonny@jonny.eng.br>
To:        julian@whistle.com (Julian Elischer)
Cc:        ghelmer@scl.ameslab.gov, hackers@FreeBSD.ORG, net@FreeBSD.ORG
Subject:   Re: Transparent packet diversion: Where is it?
Message-ID:  <199806080310.AAA11012@roma.coe.ufrj.br>
In-Reply-To: <35773444.59E2B600@whistle.com> from Julian Elischer at "Jun 4, 98 04:56:52 pm"

next in thread | previous in thread | raw e-mail | index | archive | help
#define quoting(Julian Elischer)
// > This code mostly adds support to the ipfw interface and code to support
// > two things, which are based on the same thing:
// > 
// >  * Directing INCOMING traffic that match rules to a LOCAL TCP port.
// >    This is intended for transparent proxying without external calls
// >    to a LKM, it also doesn't touch the packet, so getsockname() works
// >    so there's also no need for a subsequent IOCTL to work out what the
// >    original destination/port was.
// >    It's freaky seeing random remote IP's listed as "Local addresses"
// >    in netstat! BSD-router-speed transparent diversion... :-)
// > 
// >  * Modifying the next-hop address of OUTBOUND traffic that matches the
// >    rule. My intention for this is to direct web traffic from a core
// >    router to a transparent proxy. David Sharnoff also wanted something
// >    similar, and the functionality of this thus extends to doing a route
// >    table lookup on the specified next-hop and using the route to it,
// >    meaning the next-hop doesn't need to be on a directly reachable
// >    interface. Remember though, this code only forwards to a directly
// >    reachable machine! It doesn't deliver it to the specified next-hop!
// >    TCP port numbers are ignored if this rule comes into affect.

Cool !!!  When will this be added to the main source tree ?   :)

					Jonny

--
Joao Carlos Mendes Luis            M.Sc. Student
jonny@jonny.eng.br                 Universidade Federal do Rio de Janeiro

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806080310.AAA11012>