*BSD News Article 76814

Return to BSD News archive 

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!solace!news.stealth.net!cdc2.cdc.net!news.texas.net!news.kei.com!news.mathworks.com!enews.sgi.com!decwrl!usenet.cisco.com!iverson
From: iverson@cisco.com (Tim Iverson)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: IP Masqerading?
Date: 24 Aug 1996 02:02:09 GMT
Organization: cisco
Lines: 37
Message-ID: <4vlnr1$359@cronkite.cisco.com>
References: <jfortes-1307951117380001@10.0.2.15> <4va0s1$in@anorak.coverform.lan> <321A00A2.2D730BF6@lambert.org> <AMBRISKO.96Aug21110547@cozumel.tcs.com>
NNTP-Posting-Host: rottweiler.cisco.com

In article <AMBRISKO.96Aug21110547@cozumel.tcs.com>,
Douglas Ambrisko <ambrisko@cozumel.tcs.com> wrote:
|Terry Lambert <terry@lambert.org> writes:
|
|> Brian Somers wrote:
|> ] 
|> ] Terry Lambert (terry@lambert.org) wrote:
|> ] 
|> ] : 1)      Socks5 -- that's Socks****5**** -- supports proxying without
|> ] :         modifying applications.
|> ] 
|> ] Ah, in that case forgive my rather abrupt posting saying that proxies
|> ] are not transparent.  How does this work then ?
|> 
|> I don't know.  The port maintainer said it did whene we had
|> this whole discussion on the -hackers list a month ago.
|
|I guess I can pipe in here, it works on bins that have been built with
|shared libs.  The "runsocks" script set LD_PRELOAD and LD_LIBRARY_PATH
|so that this special libsocks5.so intercepts the network calls, does the
|socks'ification stuff and then calls the libc functions.  LD_PRELOAD is 
|supported in FreeBSD 2.1.5 and later.  Works prety good on stuff like
|xemacs reading news through a Socks server to a nntp server.  We even have
|it cleaned up so you can do a "runsocks make" in ports.  Haven't got

This can of worms, is, IMHO, far worse than any ugliness in NAT, since it
requires *each* OS to seperately support SOCKS-5.  Collectively, this is
far more work than to just implement a smart proxying NAT on the router.  Of
course, if you happen to have a system that has such a SOCKs converter, use
it; there's never a good reason to solve your own problem twice.

BTW, I'm still stuck using NAT -- I route with FreeBSD, but I use other
OSes on my LAN (mostly W95) that don't support SOCKS.

- Tim Iverson
  iverson@lionheart.com