Subject: Re: Transparent Proxying
To: None <>
From: Jaromir Dolecek <>
List: tech-kern
Date: 05/14/2002 15:16:25
Matthew Mondor wrote:
> I have looked into ipnat, but this would not seem to solve the issue at
> hand, I previously wrote an FTP passive proxy (mmtcpfwd) which requires
> this feature, it currently works on Linux but I would like to port it to
> NetBSD...

You can use rdr rule to route incoming ftp traffix to your passive
proxy, and use /dev/ipnat to get the information about incoming
connections (using ioctls()).

Seems like ftp-proxy Itojun mentioned might be usable as
an example for such proxy. Shouldn't be too hard to even port it
over, it seems to only be hooked to a rdr rule anyway too.
IPF should provide all the necessary hooks for such a transparent

Jaromir Dolecek <>
-=- We should be mindful of the potential goal, but as the tantric    -=-
-=- Buddhist masters say, ``You may notice during meditation that you -=-
-=- sometimes levitate or glow.   Do not let this distract you.''     -=-