layer2 ipfw 'fwd' support
Brandon Gooch
jamesbrandongooch at gmail.com
Fri Oct 8 18:02:03 UTC 2010
On Fri, Oct 8, 2010 at 10:55 AM, Eduardo Meyer <dudu.meyer at gmail.com> wrote:
> On Thu, Oct 7, 2010 at 10:23 PM, Eduardo Meyer <dudu.meyer at gmail.com> wrote:
[SNIP]
> Luiz has added it to: http://loos.no-ip.org:280/lusca_bridge.diff
>
> I have tested and it works pretty well.
>
> I hope someone can add it to -HEAD, so we won't loose it again. With
> time, ipfw code changes and such great patches like Rizzo's and
> Julian's stop working one day. It's bad we miss such great
> functionality.
Sounds like a reasonable request. I hope it is considered.
> Thank you again everyone envolved.
Thanks goes to you for your persistence in getting this working.
> Adrian / Luiz / Julian,
>
> With this patch fwd does it's job on L2, ordinary proxy works like a
> charm. But TPROXY won't work. It would be perfect to have both
> features together. If you can suggest any further tests or changes I
> will be pleased to test.
To be clear, are we getting to the point of having the capability in
ipfw of doing something like this in pf:
...
pass in quick on $INT_IF route-to lo0 inet proto tcp from any to
127.0.0.1 port 3128 keep state
...
...thus allowing true, transparent proxying?
I really thought that this was possible already with ipfw :( I need to
do some more reading...
I would be very interested in obtaining details on your final setup,
once everything is in place and fully functioning :)
-Brandon
More information about the freebsd-ipfw
mailing list