Universal Client Gateway

Barney Wolff barney at databus.com
Sun Nov 14 16:49:19 PST 2004


On Sun, Nov 14, 2004 at 04:23:08PM -0800, Jacob S. Barrett wrote:
> On Sunday 14 November 2004 02:14 pm, Julian Elischer <julian at elischer.org> 
> wrote:
> > sounds like you just want to run natd.
> 
> I do for all the traffic exiting the WAN interface.  I am doing that and I can 
> pass traffic from the host through the universal proxy to the destination.  
> The traffic coming back from the destination enters WAN interface and natd 
> and is translated back to the host interface but gets routed back out the WAN 
> (default route) since the host is not local.  I need to be able to spoof the 
> routing table into forwarding the packet back out the LAN interface.

When you have arpd (probably modified slightly) answer for a new "gateway"
address, add it as an alias to the interface on which the arp request was
received, with a netmask that will cover the address from which the
request came.  Then responses to the original requester will naturally
go back out the right interface.

Of course, this is all pretty pointless.  It would be better to force
the clients to use dhcp, even if they're transients.  Also, it's rather
dangerous - would you notice if such a client claimed to have the IP
address of your Internet gateway, and thus captured everybody's traffic?

-- 
Barney Wolff         http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
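The following is an added example, not code from this thread or from arpd: it computes the alias netmask that covers both the requested "gateway" address and the requester, and refuses the alias when it would swallow an address that must keep its normal route, which is the risk raised in the last paragraph. The names `PROTECTED`, `MIN_PREFIX`, `covering_network` and `vet_arp_request`, and all addresses, are constructed assumptions.

```python
import ipaddress

# Constructed sample policy (assumption): networks whose routes must never
# be shadowed by a per-client alias on the LAN interface.
PROTECTED = [
    ipaddress.ip_network("203.0.113.0/30"),  # WAN link, includes upstream gateway
    ipaddress.ip_network("10.0.0.0/24"),     # management network
]
MIN_PREFIX = 24  # refuse aliases wider than a /24


def covering_network(gateway, requester):
    """Smallest IPv4 network in which both addresses are usable hosts."""
    gw = ipaddress.IPv4Address(gateway)
    rq = ipaddress.IPv4Address(requester)
    # Shared leading bits give the longest common prefix.
    prefix = 32 - (int(gw) ^ int(rq)).bit_length()
    while True:
        net = ipaddress.ip_network(f"{gw}/{prefix}", strict=False)
        edges = (net.network_address, net.broadcast_address)
        # Widen until neither address is the network or broadcast address.
        if prefix == 0 or (gw not in edges and rq not in edges):
            return net
        prefix -= 1


def vet_arp_request(sender_ip, target_ip):
    """Vet an ARP who-has for target_ip sent by sender_ip.

    Returns (True, alias_network) if the alias may be added,
    otherwise (False, reason).
    """
    sender = ipaddress.IPv4Address(sender_ip)
    target = ipaddress.IPv4Address(target_ip)
    if sender == target:
        return False, "sender and target are the same address"
    net = covering_network(target, sender)
    if net.prefixlen < MIN_PREFIX:
        return False, f"{net} is wider than /{MIN_PREFIX}"
    for protected in PROTECTED:
        if net.overlaps(protected):
            return False, f"{net} overlaps protected {protected}"
    return True, net
```

An accepted result maps to an alias of the form `ifconfig <lan-if> inet <target> netmask <net.netmask> alias`; a rejected one is worth logging, since it is the only signal that a client claimed a protected address.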


More information about the freebsd-net mailing list