Date: Mon, 16 Dec 1996 14:52:52 -0800 From: Julian Elischer <julian@whistle.com> To: Charles Owens <owensc@enc.edu> Cc: Gary Roberts <wangel@wgrobez1.remote.louisville.edu>, DNEX <dnex@access.digex.net>, current@freebsd.org, stable@freebsd.org Subject: Re: IP masquerading (for a LAN, _not_ PPP) Message-ID: <32B5D2C4.41C67EA6@whistle.com> References: <Pine.FBS.3.93.961216160041.11672I-100000@dingo.its.enc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Charles Owens wrote: > > On Sun, 8 Dec 1996, Gary Roberts wrote: > > > On Sun, 8 Dec 1996, DNEX wrote: > > > > > Does FreeBSD support IP masquerading or are there plans to implement it? > > > > > > > Yes. It does. Charles Mott. Nice piece of software. Anyways, it's not > > a program like linux uses, it uses the PPP program. Check it out at: > > > > http://www.srv.net/~cmott/alias.html > > This looks nifty, but I'm interested in doing masquerading on a firewall > for users on a large LAN, not dialing in via PPP. What's the status of > doing _this_ with FreeBSD? FreeBSD 2.2 includes the feature "DIVERT SOCKETS" these can be used in conjunction with the ipfw code to create a translation feature. Use the 'divert' keyword with the Ipfw to divert a packet to a 'divert socket' that is openned by the translation daemon. the daemon monitors incoming packets and 'fiddles' the headers accordingly. It also dynamically changes the firewall rules depending on the sessions being translated. We have that runing here but unfortunatly, while we were able to give the divert code out, we can'r give out the daemon.. julian > > --- > -
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?32B5D2C4.41C67EA6>