Date: Mon, 8 Jun 1998 00:10:11 -0300 (EST) From: Joao Carlos Mendes Luis <jonny@jonny.eng.br> To: julian@whistle.com (Julian Elischer) Cc: ghelmer@scl.ameslab.gov, hackers@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: Transparent packet diversion: Where is it? Message-ID: <199806080310.AAA11012@roma.coe.ufrj.br> In-Reply-To: <35773444.59E2B600@whistle.com> from Julian Elischer at "Jun 4, 98 04:56:52 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
#define quoting(Julian Elischer) // > This code mostly adds support to the ipfw interface and code to support // > two things, which are based on the same thing: // > // > * Directing INCOMING traffic that match rules to a LOCAL TCP port. // > This is intended for transparent proxying without external calls // > to a LKM, it also doesn't touch the packet, so getsockname() works // > so there's also no need for a subsequent IOCTL to work out what the // > original destination/port was. // > It's freaky seeing random remote IP's listed as "Local addresses" // > in netstat! BSD-router-speed transparent diversion... :-) // > // > * Modifying the next-hop address of OUTBOUND traffic that matches the // > rule. My intention for this is to direct web traffic from a core // > router to a transparent proxy. David Sharnoff also wanted something // > similar, and the functionality of this thus extends to doing a route // > table lookup on the specified next-hop and using the route to it, // > meaning the next-hop doesn't need to be on a directly reachable // > interface. Remember though, this code only forwards to a directly // > reachable machine! It doesn't deliver it to the specified next-hop! // > TCP port numbers are ignored if this rule comes into affect. Cool !!! When will this be added to the main source tree ? :) Jonny -- Joao Carlos Mendes Luis M.Sc. Student jonny@jonny.eng.br Universidade Federal do Rio de Janeiro To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806080310.AAA11012>