Firewall Wizards mailing list archives
Re: IP transparent proxies (source).
From: "-= ArkanoiD =-" <ark () mpak convey ru>
Date: Wed, 5 Nov 97 02:07:55 +0300
nuqneH,
Date: Tue, 4 Nov 1997 12:56:57 -0500 From: Steve Kann <stevek () SteveK COM> To: linux-net () vger rutgers edu Cc: firewall-wizards () nfr net Subject: IP transparent proxies (source).
[dd]
I've been really interested in IP_TRANSPARENT_PROXY stuff, and have made two tools that are really useful for taking advantage of it. The first is tplug-gw, which is based on the fwtk plug-gw, and can transparently proxy tcp connections. You can then choose via linux' filtering rules which connections you'd like proxied. Doing this, instead of simple packet filtering lets you have better logging, stops TCP OOB attacks, fragmentation attacks, etc. I'm not including the source here yet, because I'm not sure if I'm allowed to redistribute it, according to the fwtk license. I might just re-write it from scratch, as it isn't too complicated, and then it could be released without problems.
Hmm afair such a thing already does exist (it was a transparent patch set for fwtk,works with xBSD ipfilter and linux masquerading). afair there was ftp-gw patch also. --- _ _ _ _ _ _ _ Must be a visit from the dead.. _| o |_ | | _|| | / _||_| |_ |_ |_ CU in Hell .......... Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_|
Current thread:
- IP transparent proxies (source). Steve Kann (Nov 04)
- Re: IP transparent proxies (source). -= ArkanoiD =- (Nov 07)
- Re: IP transparent proxies (source). Magossa'nyi A'rpa'd (Nov 07)
- Re: IP transparent proxies (source). -= ArkanoiD =- (Nov 08)
- Re: IP transparent proxies (source). Mike Shaver (Nov 08)
- Re: IP transparent proxies (source). Joseph S. D. Yao (Nov 10)