Firewall Wizards mailing list archives

Re: IP transparent proxies (source).

From: "-= ArkanoiD =-" <ark () mpak convey ru>
Date: Wed, 5 Nov 97 02:07:55 +0300

nuqneH,

Date: Tue, 4 Nov 1997 12:56:57 -0500
From: Steve Kann <stevek () SteveK COM>
To: linux-net () vger rutgers edu
Cc: firewall-wizards () nfr net
Subject: IP transparent proxies (source).


[dd]

          I've been really interested in IP_TRANSPARENT_PROXY stuff, and
have made two tools that are really useful for taking advantage of it.
The first is tplug-gw, which is based on the fwtk plug-gw, and can
transparently proxy tcp connections.  You can then choose via linux'
filtering rules which connections you'd like proxied.  Doing this,
instead of simple packet filtering lets you have better logging, stops
TCP OOB attacks, fragmentation attacks, etc.  I'm not including the
source here yet, because I'm not sure if I'm allowed to redistribute it,
according to the fwtk license.  I might just re-write it from scratch,
as it isn't too complicated, and then it could be released without
problems.


Hmm afair such a thing already does exist (it was a transparent patch
set for fwtk,works with xBSD ipfilter and linux masquerading).

afair there was ftp-gw patch also.
--- 
                                       _     _  _  _  _      _  _
   Must be a visit from the dead..     _| o |_ | | _|| |   / _||_|   |_ |_ |_
   CU in Hell ..........  Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|

Current thread:

IP transparent proxies (source). Steve Kann (Nov 04)
- Re: IP transparent proxies (source). -= ArkanoiD =- (Nov 07)
- Re: IP transparent proxies (source). Magossa'nyi A'rpa'd (Nov 07)
  - Re: IP transparent proxies (source). -= ArkanoiD =- (Nov 08)
  - Re: IP transparent proxies (source). Mike Shaver (Nov 08)
  - Re: IP transparent proxies (source). Joseph S. D. Yao (Nov 10)