Transparent proxy feature?
Antony T Curtis
antony.t.curtis at ntlworld.com
Sat Mar 12 04:22:15 PST 2005
On Fri, 2005-03-11 at 14:44 -0800, Julian Elischer wrote:
> responding to myself to add more..
>
> Julian Elischer wrote:
> > Antal Rutz wrote:
> >
> >> Hi,
> >>
> >> Nowadays I have to use a special firewall software ('zorp') but
> >> unfortunately it only runs on linux. the reason is that only linux
> >> has the feature (transparent proxying) to listen on/send packets
> >> (sourcing)
> >> from other IP addresses than the machine has. (maybe with an extra kmod)
<snip>
> The proxy software need only do a getsockname() to get the sockaddr to use
> for the forward connection.
>
> The ipfw rules need to be set so that the outgoing forward connection by
> the
> proxy is not also captured :-)
Isn't the following option also required?
option IPFIREWALL_FORWARD
--
Antony T Curtis, BSc. UNIX, Linux, *BSD, Networking
antony.t.curtis at ntlworld.com C++, J2EE, Perl, MySQL, Apache
IT Consultancy.
More information about the freebsd-current
mailing list