How can I simulate the linux 2.2.x transparent proxy support in linux 2.4?
Using linux 2.2 on my router I can bind() a socket to an address X and
then connect() to another host Y. Y would see an incoming connection from
X and reply accordingly: if the replies towards X pass through my router
they are rerouted towards the local socket and all works smoothly.
This is a (IMO) tricky hack to fake requests from host X: it is used for
example by nat-enabled IDENT servers that forward the incoming requests
towards the right host on the internal network. Normally the IDENT server
on these hosts wouldn't answer queries from hosts != X and therefore the
router has to fake the connection from X.
Linux 2.4 doesn't have this behaviour. Setting ip_nonlocal_bind doesn't
help. Maybe it could be done with some SNAT and libiptc & friends,...
Maybe there is a simpler way. Does anyone know one?
TIA,
Zun.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 31 2001 - 21:00:41 EST