Date: Wed, 30 Jul 2008 14:44:32 -0700 From: Julian Elischer <julian@elischer.org> To: Attila Nagy <bra@fsn.hu> Cc: freebsd-net@freebsd.org Subject: Re: SO_BINDANY and pf divert Message-ID: <4890E0C0.1070208@elischer.org> In-Reply-To: <48909009.1070805@fsn.hu> References: <48909009.1070805@fsn.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
Attila Nagy wrote: > Hello, > > OpenBSD's relayd has grown a very useful transparent relay support, > which means you can run a HTTP(S) reverse proxy transparently > (maintaining the source IP, while you have a different TCP stream open > from the proxy to the backend, even by terminating the SSL part and > speaking clear text HTTP to the backends). > > For this (as far as I could figure out, while trying to make this newer > relayd working on FreeBSD) two pieces are needed, which FreeBSD > currently lacks: > - the SO_BINDANY support (see > http://marc.info/?l=openbsd-cvs&m=121030159009823&w=2 and > http://www.openbsd.org/cgi-bin/man.cgi?query=setsockopt) > - the pf part, which diverts the non-local packets to the given socket > (see http://marc.info/?l=openbsd-cvs&m=121030115209292&w=2 and > http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf) well, ipfw can do that. > > After having those said, the question is obvious. :) > Does anybody feel the need for these two in FreeBSD and have the > competence and time to port them? > > Thanks, > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4890E0C0.1070208>