atom feed61 messages in org.freebsd.freebsd-questionsRe: ip masquerading
FromSent OnAttachments
Clint MarekMay 16, 1996 8:02 pm 
Doug WhiteMay 17, 1996 11:33 am 
Tony KimballMay 17, 1996 2:11 pm 
Terry LambertMay 17, 1996 2:23 pm 
Tony KimballMay 17, 1996 6:04 pm 
Archie CobbsMay 17, 1996 6:05 pm 
Terry LambertMay 17, 1996 6:13 pm 
Tony KimballMay 17, 1996 7:46 pm 
Terry LambertMay 17, 1996 10:48 pm 
Archie CobbsMay 18, 1996 1:23 am 
francis yeungMay 18, 1996 5:26 am 
Bruce A. MahMay 18, 1996 8:43 am 
Eric J. SchwertfegerMay 18, 1996 11:06 am 
Stephen HoveyMay 18, 1996 11:59 am 
Archie CobbsMay 18, 1996 1:05 pm 
Terry LambertMay 18, 1996 3:15 pm 
Clint MarekMay 18, 1996 10:09 pm 
Michael SmithMay 18, 1996 10:36 pm 
Tony KimballMay 19, 1996 12:50 am 
Carl MakinMay 19, 1996 5:01 am 
Pedro A M VazquezMay 19, 1996 6:01 am 
Michael SmithMay 19, 1996 7:40 am 
Charlie ROOTMay 19, 1996 4:37 pm 
Michael SmithMay 19, 1996 7:07 pm 
Garrett WollmanMay 20, 1996 7:40 am 
Bruce A. MahMay 20, 1996 8:37 am 
Tony KimballMay 20, 1996 11:48 am 
Jim DennisMay 20, 1996 12:47 pm 
Garrett WollmanMay 20, 1996 1:29 pm 
Tony KimballMay 20, 1996 1:36 pm 
Terry LambertMay 20, 1996 3:22 pm 
Terry LambertMay 20, 1996 3:28 pm 
Terry LambertMay 20, 1996 3:32 pm 
Gary PalmerMay 20, 1996 3:34 pm 
Archie CobbsMay 20, 1996 3:42 pm 
Terry LambertMay 20, 1996 3:45 pm 
Terry LambertMay 20, 1996 3:56 pm 
Terry LambertMay 20, 1996 4:15 pm 
Tony KimballMay 20, 1996 4:54 pm 
Tony KimballMay 20, 1996 5:09 pm 
Bruce A. MahMay 20, 1996 5:10 pm 
Bruce A. MahMay 20, 1996 5:23 pm 
Tony KimballMay 20, 1996 5:25 pm 
Michael SmithMay 20, 1996 6:38 pm 
Terry LambertMay 20, 1996 6:47 pm 
Jim DennisMay 20, 1996 8:13 pm 
Tony KimballMay 20, 1996 8:24 pm 
Jim DennisMay 20, 1996 9:14 pm 
Terry LambertMay 20, 1996 9:30 pm 
Terry LambertMay 20, 1996 9:34 pm 
Tony KimballMay 20, 1996 10:02 pm 
Bruce A. MahMay 20, 1996 10:12 pm 
Bruce A. MahMay 20, 1996 10:44 pm 
Tony KimballMay 20, 1996 10:47 pm 
M.R.MurphyMay 21, 1996 5:59 am 
Carl MakinMay 21, 1996 6:46 am 
Terry LambertMay 21, 1996 10:40 am 
Terry LambertMay 21, 1996 10:45 am 
Scott BlachowiczMay 22, 1996 9:28 am 
Pedro A M VazquezMay 22, 1996 11:13 am 
Bill FennerMay 22, 1996 11:45 am 
Subject:Re: ip masquerading
From:francis yeung (fye@fyeung5.netific.com)
Date:May 18, 1996 5:26:56 am
List:org.freebsd.freebsd-questions

Greetings,

On Fri, 17 May 1996, Terry Lambert wrote:

Which is to say, you turn on IP forwarding by default (which is illegal) and rewrite the packet source headers on the way in and out (which is also illegal).

Writing a socks client that hooks to a tunnel driver on the machine that needs the masquerading is a better solution, and it doesn't require kernel hacks to get there (or source hacks for statically linked binaries, like normal socks does). And it does it without violating the world.

I guess you would need to write a tunnel client daemon (instead of putting in about twice as much work to write IP masquerading, as well as dragging the poor kernel into the mess).

Seems like that would provide the same capability for less effort with fewer drabacks -- but would require an OS (like FreeBSD) with tunnel drivers to make it work.

Actaully, I have been using (hacked) tcprelay/ftprelay and udprelay to do the similiar thing in FreeBSD.

The following approaches may not be 100% identical but some of the objectives are similiar:

o Socks

- Socks 5 and earlier need sockified clients. - one step process

o Fwtk

- owned by TIS and needed 2 steps processes

o Applications Proxies

e.g. Delegate, CERN etc.

- good solutions but hard to find one to cover all applications, except Delegate which is very buggy.

o tcprelay/udprelay

- reasonable soluton. - Almost 1 step e.g. ftp tcprelay 8021 where tcprelay is a gateway machine.

o NAT

- 1 IP address if this is the objective.

None of those mentioned above (except NAT) need kernal modification .

One thing that I have not tried is IPIP which can do similiar things.

Francis