Date:      Fri, 31 Aug 2007 19:12:42 +0200
From:      Mel <fbsd.questions@rachie.is-a-geek.net>
To:        freebsd-questions@freebsd.org
Subject:   Re: pf rdr + netsed : reinject loop...
Message-ID:  <200708311912.43272.fbsd.questions@rachie.is-a-geek.net>
In-Reply-To: <20070901022726.1e629b2c@localhost>
References:  <20070831202729.7e4c0f7a@localhost> <200708311740.07360.fbsd.questions@rachie.is-a-geek.net> <20070901022726.1e629b2c@localhost>

On Friday 31 August 2007 18:27:26 Norberto Meijome wrote:
> On Fri, 31 Aug 2007 17:40:06 +0200
>
> Mel <fbsd.questions@rachie.is-a-geek.net> wrote:
> > > netsed's output is (part ) :
> > > ---
> > > Script started on Fri Aug 31 07:52:12 2007
> > > [root@localhost /usr/home/luser]# netsed tcp 10101 0 0  s/FOO/BAR
> > > netsed 0.01b by Michal Zalewski <lcamtuf@ids.pl>
> > > [*] Parsing rule s/FOO/BAR ...
> > > [+] Loaded 1 rules...
> > > [+] Listening on port 10101/tcp.
> > > [+] Using dynamic (transparent proxy) forwarding.
> > >
> > > [+] Got incoming connection from 172.16.82.81:1178 to 127.0.0.1:10101
> > > [*] Forwarding connection to 127.0.0.1:10101
> > > [+] Got incoming connection from 127.0.0.1:51337 to 127.0.0.1:10101
> > > [*] Forwarding connection to 127.0.0.1:10101
> > > [+] Caught client -> server packet.
> >
> > I think you need to figure out what this 'transparent proxy mode' of
> > netsed does, because it should under no circumstances forward to itself...
>
> it simply forwards the packet to the dst_ip:dst_port it originally had.
> But, as Daniel H pointed out, those packets had been rewritten by pf's rdr
> to go TO netsed's ip:port .... hence netsed won't change anything.  It works
> fine in non-proxy mode, but as I said in my first msg, that is not an
> option for me.

OK, I just tried to verify if rdr rewrites dest and indeed it does from 
netsed's point of view (didn't know my machine could go to 100 load and still 
catch SIGINT).

Now I wonder how ftp-proxy(8) ever gets the server address. Time to view the 
source.
-- 
Mel
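
An added example, not part of the original message or of netsed: a small check that reads netsed output in the format quoted above and flags every connection that was forwarded back to the proxy's own listener, which is the reinject loop this thread describes. The sample log is constructed from the quoted session; the function name and the `reinjected` heuristic are assumptions made for illustration.

```python
import re

# Constructed sample: the netsed lines quoted in the message above.
SAMPLE_LOG = """\
[+] Listening on port 10101/tcp.
[+] Using dynamic (transparent proxy) forwarding.
[+] Got incoming connection from 172.16.82.81:1178 to 127.0.0.1:10101
[*] Forwarding connection to 127.0.0.1:10101
[+] Got incoming connection from 127.0.0.1:51337 to 127.0.0.1:10101
[*] Forwarding connection to 127.0.0.1:10101
[+] Caught client -> server packet.
"""

LISTEN_RE = re.compile(r"Listening on port (\d+)/(?:tcp|udp)")
INCOMING_RE = re.compile(r"Got incoming connection from (\S+):(\d+) to (\S+):(\d+)")
FORWARD_RE = re.compile(r"Forwarding connection to (\S+):(\d+)")


def find_self_forwards(log_text):
    """Return one record per connection that was forwarded to the listener itself."""
    listen_port = None
    pending = None  # last incoming connection not yet paired with a forward line
    findings = []
    for line in log_text.splitlines():
        if m := LISTEN_RE.search(line):
            listen_port = int(m.group(1))
        elif m := INCOMING_RE.search(line):
            pending = {"client_host": m.group(1), "client_port": int(m.group(2)),
                       "local": (m.group(3), int(m.group(4)))}
        elif (m := FORWARD_RE.search(line)) and pending:
            target = (m.group(1), int(m.group(2)))
            # Loop condition: the forward target is the address the connection
            # arrived on, and its port is the proxy's own listening port.
            if target == pending["local"] and target[1] == listen_port:
                findings.append({
                    "client": f"{pending['client_host']}:{pending['client_port']}",
                    "target": f"{target[0]}:{target[1]}",
                    # Heuristic: a client on the target host is most likely the
                    # proxy's own outbound connection coming back in.
                    "reinjected": pending["client_host"] == target[0],
                })
            pending = None
    return findings


if __name__ == "__main__":
    for finding in find_self_forwards(SAMPLE_LOG):
        print(finding)
```
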


