Date:      Wed, 6 Jun 2001 22:24:24 -0400
From:      Doug Lee <dgl@visi.com>
To:        freebsd-questions@freebsd.org
Subject:   Shared IP, real-time packet editing, or best offer...?
Message-ID:  <20010606222424.A4331@kirk.sector14.net>

I want to do something a bit beyond NAT:

MSN Messenger's audio protocol and at least the IRC DCC protocols I've
seen send a workstation's IP address inside the data section of a TCP
packet.  When the workstation's address is NATed and private, this
translates to communication failure, since the unsuspecting machine at
the other end has no way to route a packet back to the workstation.

I can think of two possible solutions to this: (1) sharing the public
IP such that the workstation believes it owns the address but really
only owns the address on certain ports, or (2) editing packets as
they go by and possibly triggering actions, such as firewall
modification, based on data patterns in packets.

The `netsed' program looks somewhat promising as a solution to the
second idea, though I see nothing to indicate that it could be used to
trigger actions other than just packet modification (I haven't
finished reading though).  Based solely on my limited understanding of
the state of modern firewall/router boxes for cable/DSL, I am under
the impression that the first idea is not unheard of.  I would think
the first idea would really require the workstation to have two IPs on
its interface though: the normal private one, and the partly-owned
public one.

Recommendations/clarifications welcome.  As is surely obvious, I'm
dancing on the edge of my knowledge in this area...

-- 
Doug Lee           dgl@visi.com        http://www.visi.com/~dgl
Bartimaeus Group   doug@bartsite.com   http://www.bartsite.com
"The most exciting phrase to hear in science, the one that heralds
new discoveries, is not 'Eureka!' ('I found it!') but rather 'hmm....
that's funny...'"  --   Isaac Asimov
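
Added example, not part of the original message and not netsed's code: a sketch of the second idea (edit the payload, and report what a firewall would need to open) for IRC DCC offers only, which carry the sender's IPv4 address as a decimal 32-bit integer. The function name, addresses and sample payload are constructed for illustration.

```python
import ipaddress
import re

# CTCP DCC offer: \x01DCC SEND|CHAT <arg> <IPv4 as decimal uint32> <port> [size]\x01
DCC_RE = re.compile(rb"\x01DCC (SEND|CHAT) (\S+) (\d+) (\d+)((?: \d+)?)\x01")

# Address ranges that are unroutable from the far end (RFC 1918).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: a workstation at 192.168.1.50 offering a file on port 5000.
SAMPLE = b"PRIVMSG bob :\x01DCC SEND notes.txt 3232235826 5000 1024\x01\r\n"


def rewrite_dcc(payload: bytes, public_ip: str):
    """Replace private addresses inside DCC offers with public_ip.

    Returns (new_payload, forwards). forwards lists the (private_ip, port)
    pairs the gateway would have to redirect inbound for the offer to work,
    i.e. the "trigger an action" half of the idea.
    """
    public_int = int(ipaddress.IPv4Address(public_ip))
    forwards = []

    def fix(m):
        kind, arg, ip_dec, port, size = m.groups()
        if int(ip_dec) > 0xFFFFFFFF or not 0 < int(port) < 65536:
            return m.group(0)              # malformed offer: leave untouched
        addr = ipaddress.IPv4Address(int(ip_dec))
        if not any(addr in net for net in RFC1918):
            return m.group(0)              # already routable: leave untouched
        forwards.append((str(addr), int(port)))
        return b"\x01DCC %s %s %d %s%s\x01" % (kind, arg, public_int, port, size)

    return DCC_RE.sub(fix, payload), forwards


if __name__ == "__main__":
    new_payload, forwards = rewrite_dcc(SAMPLE, "203.0.113.7")
    print(new_payload)
    print(forwards)
```

The rewritten address can have a different number of digits than the original, so a rewriter that sits in the packet path also has to adjust TCP sequence and acknowledgement numbers for the rest of the connection; this example works on the payload only.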
