From owner-freebsd-questions Wed Jun 6 19:24:44 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from kirk.sector14.net (24-168-222-195.mf.cox.rr.com [24.168.222.195]) by hub.freebsd.org (Postfix) with ESMTP id 5063D37B401 for ; Wed, 6 Jun 2001 19:24:36 -0700 (PDT) (envelope-from dgl@kirk.sector14.net)
Received: (from dgl@localhost) by kirk.sector14.net (8.11.3/8.11.3) id f572OPW04386; Wed, 6 Jun 2001 22:24:25 -0400 (EDT) (envelope-from dgl)
Date: Wed, 6 Jun 2001 22:24:24 -0400
From: Doug Lee
To: freebsd-questions@freebsd.org
Subject: Shared IP, real-time packet editing, or best offer...?
Message-ID: <20010606222424.A4331@kirk.sector14.net>
Mail-Followup-To: Doug Lee , freebsd-questions@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Organization: Bartimaeus Group
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

I want to do something a bit beyond NAT: MSN Messenger's audio protocol and at least the IRC DCC protocols I've seen send a workstation's IP address inside the data section of a TCP packet. When the workstation's address is NATed and private, this translates to communication failure, since the unsuspecting machine at the other end has no way to route a packet back to the workstation.

I can think of two possible solutions to this: (1) sharing the public IP such that the workstation believes it owns the address but really only owns the address on certain ports, or (2) editing packets as they go by and possibly triggering actions, such as firewall modification, based on data patterns in packets. The `netsed' program looks somewhat promising as a solution to the second idea, though I see nothing to indicate that it could be used to trigger actions other than just packet modification (I haven't finished reading though).
Based solely on my limited understanding of the state of modern firewall/router boxes for cable/DSL, I am under the impression that the first idea is not unheard of. I would think the first idea would really require the workstation to have two IPs on its interface though: the normal private one, and the partly-owned public one.

Recommendations/clarifications welcome. As is surely obvious, I'm dancing on the edge of my knowledge in this area...

--
Doug Lee dgl@visi.com http://www.visi.com/~dgl
Bartimaeus Group doug@bartsite.com http://www.bartsite.com
"The most exciting phrase to hear in science, the one that heralds new discoveries, is not 'Eureka!' ('I found it!') but rather 'hmm.... that's funny...'" -- Isaac Asimov
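The second idea in the post (watch for the embedded address in the payload, rewrite it, and derive a firewall action from it) is what an application-level gateway does. The following added example, not from the original thread or any FreeBSD tool, shows the core of such a check for the IRC DCC case: DCC SEND/CHAT offers carry the sender's IPv4 address as a decimal 32-bit integer, so the code decodes it, flags offers that leak an RFC 1918 address, reports the port the peer will connect back to, and rewrites the address to the NAT box's public one. The sample PRIVMSG lines and the public address 203.0.113.5 are constructed for the example.

```python
import ipaddress
import re

# Constructed IRC lines as a NAT box would see them leaving the private side.
# 3232235777 encodes 192.168.1.1 (private); 3355443201 encodes 200.0.0.1 (public).
SAMPLE_LINES = [
    "PRIVMSG bob :\x01DCC SEND notes.txt 3232235777 5000 1024\x01",
    "PRIVMSG bob :\x01DCC CHAT chat 3232235777 5001\x01",
    "PRIVMSG bob :\x01DCC SEND pub.txt 3355443201 6000 10\x01",
    "PRIVMSG bob :hello there",
]

# CTCP DCC offer: \x01DCC <SEND|CHAT> <arg> <ip-as-decimal> <port> [<size>]\x01
DCC_RE = re.compile(r"\x01DCC (SEND|CHAT) (\S+) (\d+) (\d+)((?: \d+)?)\x01")


def find_private_dcc(line):
    """Return (kind, dotted_ip, port) when the line is a DCC offer whose
    embedded address is RFC 1918 private (i.e. would be unroutable for the
    peer behind NAT); otherwise None."""
    m = DCC_RE.search(line)
    if not m:
        return None
    ip = ipaddress.IPv4Address(int(m.group(3)))
    if not ip.is_private:
        return None
    return (m.group(1), str(ip), int(m.group(4)))


def rewrite_dcc(line, public_ip):
    """ALG-style payload fix: replace the leaked private address with the
    NAT box's public address, keeping the same decimal encoding. The firewall
    side of the fix is to forward the returned port to the inside host."""
    m = DCC_RE.search(line)
    if not m:
        return line
    new_n = str(int(ipaddress.IPv4Address(public_ip)))
    return line[:m.start(3)] + new_n + line[m.end(3):]


def ports_to_open(lines):
    """Collect (private_ip, port) pairs a NAT device would need to map so the
    remote peer's inbound DCC connection reaches the originating workstation."""
    hits = [find_private_dcc(l) for l in lines]
    return [(ip, port) for h in hits if h for (_, ip, port) in [h]]
```

Note that the decimal form can change length when rewritten, so a real in-path implementation must also adjust TCP sequence/acknowledgement numbers for the rest of the connection; the snippet shows only the detection and payload edit.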