From owner-freebsd-hackers Mon Apr 23 0:24:42 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 927E337B424; Mon, 23 Apr 2001 00:24:37 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from localhost ([127.0.0.1] helo=softweyr.com ident=110f2ac2843a6763bde34ecfd84dab8d) by softweyr.com with esmtp (Exim 3.16 #1) id 14rahi-00023w-00; Mon, 23 Apr 2001 01:24:14 -0600 Message-ID: <3AE3D89D.9ABCA7B6@softweyr.com> Date: Mon, 23 Apr 2001 01:24:13 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: "E.B. Dreger" Cc: hackers@freebsd.org, net@freebsd.org Subject: Re: TCP intercept? References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "E.B. Dreger" wrote: > > Greetings all, > > I'm no kernel hacker, and trying to think of useful little projects to > change that. ;-) > > AFAIK, FreeBSD lacks support for TCP intercept. Is anyone already working > on this? Would it be of interest to anyone? My initial thoughts are that > it should be implemented in the same neighborhood as stateful firewall > code, as the two are rather closely related. If you mean IP forwarding, you can do that with ipnat (part of ipfilter) or with natd. If you mean network interface monitoring, see the man page for bpf. Otherwise, you'll have to explain what you mean by "TCP intercept", it is not a terminology in common use. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message