*BSD News Article 73547


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!news.kei.com!newsfeed.internetmci.com!netnews.nwnet.net!symiserver2.symantec.com!usenet
From: TOMD@cpinc.com
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: IP Masquerading in user PPP?
Date: 13 Jul 1996 07:38:34 GMT
Organization: Symantec Corporation
Lines: 17
Message-ID: <4s7jpq$k7i@symiserver2.symantec.com>
References: <Pine.BSF.3.91.960708224558.170A-100000@darkstar>
Reply-To: tedm%toybox@agora.rdrop.com
NNTP-Posting-Host: 198.6.34.1
X-Newsreader: IBM NewsReader/2 v1.2

In <Pine.BSF.3.91.960708224558.170A-100000@darkstar>, Charles Mott <cmott@srv.net> writes:

[some deleted]

>My question is this: is it structurally possible for IP masquerading to be
>implemented within user PPP (not pppd)?  If so, I would appreciate some

I'm pretty sure this would have to be done within the kernel TCP stack code
using a table.  There are security implications to allow a user to manipulate
such a table, of course the user would have to be able to do so for it to be
useful.  I suppose you could have the root user be able to do it, something
along the lines of setting up a table with pre-determined IP addresses in the
kernel and then assigning them to the users.

I have a feeling this would involve also adding code to pppd.  In any case, this is
not a project that would be small.