Subject: Re: Transparent Proxying
To: None <>
From: Matthew Mondor <>
List: tech-kern
Date: 05/14/2002 13:07:04
On Tue, 14 May 2002 10:16:32 -0400 (EDT)
Lord Isildur <> wrote:

> side and come out the other, and without some out of band communication, 
> neither side of the traffic can tell (unless its doing some very smart 
> things with a lot of guessing and statistics) that its being diddled with
> in the middle.

That would probably be perfect, all that is really needed to port my code
is that the IP address be re-written so that logs (and ftpd data port) on
the internal machine the connections are forwarded to be fooled with the
actual client's address... and of course that forwarded port must not be
fixed, the userspace daemons should decide where and when to connect.

Thanks, not that this is required right now, it can wait, I however was
wondering about the possibilities of such thing under netbsd, which has
lately become my favorite system... Most of my code ported easily but this
one requires kernel-dependant capabilities...