Subject: Re: Transparent Proxying
To: None <>
From: Matthew Mondor <>
List: tech-kern
Date: 05/14/2002 08:26:04
On Tue, 14 May 2002 18:28:45 +0900 wrote:

> 	though only for IPv6, we have this functionality implemented as
> 	faith(4) interface.  under the following condition:
> 	- sysctl net.inet6.ip6.keepfaith=1, 
> 	- listening socket has setsockopt(IPV6_FAITH) set,
> 	- a IPv6 packet gets routed to faith(4) interface
> 	the listening socket will hijack any inbound connection.
> 	i'm still not 100% sure if modelling it as an interface is the
> 	right thing to do. (for instance, faith(4) model does not handle
> 	link-local IPv6 address case)
> 	openbsd seem to have the functionality implemented as combination of
> 	PF packet filter and ftp-proxy(8).
> 	i guess you will want to check it out.

Thanks alot, I will definitely check those out, PF as in BPF(4)? It is
true that faith(4) when looking at it seems alot like it...