Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!metro!metro!asstdc.scgt.oz.au!nsw.news.telstra.net!act.news.telstra.net!psgrain!newsfeed.internetmci.com!news.mathworks.com!news.kei.com!news.texas.net!newsfeed.concentric.net!news-master!news From: dantso@cris.com (Daniel Ts'o) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: IP Masqerading? Date: Wed, 14 Aug 96 03:20:04 GMT Organization: Concentric Internet Services Lines: 28 Message-ID: <4urdc4$87m@herald.concentric.net> References: <jfortes-1307951117380001@10.0.2.15> <320F6E48.1EF468BB@lambert.org> NNTP-Posting-Host: crc8.cris.com X-Newsreader: News Xpress Version 1.0 Beta #4 For us uninformed, could someone please reconcile these statements: : : Has IP masquerading ever been impllemented in FreeBSD? >Well, build the loadable kernel module that comes with >Darren Reed's IPFilter and you can have NAT ( == IP Masquerading ). :No. IP "masquerading" is not RFC compliant. This has been :discussed to death. : :FreeBSD does, however, support proxy services, which is what :IP "masquerading" claims to be. : :There is code in the current release of the firewall toolkit :to do this, and there is Sock5. Either one of these will let :you do what you (apparently) want to do, but in an RFC compliant :way. Being uninformed, my impression is that proxying via the toolkit Socks is very application specific. It would be nice to have a more general solution. Isn't masquerading more general ? Don't really want to arrange apps specific proxy servers or hack in Socks support into each Internet app (many/most of which one only gets in binary form)... Thanks.