Date: Wed, 18 Apr 2007 12:57:34 +0800 From: "Adrian Chadd" <adrian@freebsd.org> To: zen <zen@tk-pttuntex.com> Cc: jonathan michaels <jlm@caamora.com.au>, freebsd-stable@freebsd.org Subject: Re: tproxy on freebsd Message-ID: <d763ac660704172157q73cbefd8p9cb13597075eda7c@mail.gmail.com> In-Reply-To: <46257D1A.7050808@tk-pttuntex.com> References: <46247471.9030503@tk-pttuntex.com> <200704172129.22275.sanya-spb@list.ru> <20070418095903.12432@caamora.com.au> <462575D4.2010801@tk-pttuntex.com> <20070418115654.30422@caamora.com.au> <46257D1A.7050808@tk-pttuntex.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18/04/07, zen <zen@tk-pttuntex.com> wrote: > i think so, it work on most of linux machine depend on your linux kernel. > here is the patch for the kernel : > http://www.balabit.com/downloads/tproxy/ > but if i cand choose linux or FreeBSD i preferred FreeBSD ( i'm a > FreeBSD die hard user). > that's why i ask the people here, maybe they have solutions regarding > this problems. A little birdie has told me that this mode of transparent client-spoofing is possible with FreeBSD with a little kernel hackery (much less than whats needed for TPROXY.) Maybe someone who "knows" the code better than I could comment on how difficult it'd be to add in functionality to FreeBSD to spoof the local IP of a connected socket for outbound connections. This of course assumes symmetric traffic flows but thats already a given in a setup like this. Adrian -- Adrian Chadd - adrian@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d763ac660704172157q73cbefd8p9cb13597075eda7c>