Date: Mon, 20 Nov 1995 10:42:18 -0800 (PST) From: Archie Cobbs <archie@tribe.com> To: serges@umr.edu (Doug S.) Cc: d_burr@ix.netcom.com, freebsd-questions@freebsd.org Subject: Re: IP Masquerading under FreeBSD? Message-ID: <199511201842.KAA20318@bubba.tribe.com> In-Reply-To: <m0tGhQR-0004KaC@nero.x10siv.org> from "Doug S." at Nov 18, 95 01:10:59 am
next in thread | previous in thread | raw e-mail | index | archive | help
> I while back I had (and still have) the need to do this. It is such a > powerful feature that I dont know why its not available under FreeBSD. > (And Im not completely sure that its available under Linux. Anyone using > it?) > > Im also curious about the implementation. How does the kernel encode the > the internal hosts' IP address? Does it keep an internal list or does it > save it in the IP packet? Where would it place the address (does anyone > have a Stevens book handy? :) The way this works is by remapping TCP and UDP port numbers, and keeping an internal mapping of (ExternalPort) <-> (InternalIp, InternalPort) for both TCP and UDP. As packets fly by you just change their source or destination according to the table. New outgoing packets cause a new (unused) external port to be allocated. So most apps work, but you can't ping from the inside, for example (because ping uses ICMP which is neither TCP nor UDP). -Archie _______________________________________________________________________________ Archie L. Cobbs, archie@tribe.com * Tribe Computer Works http://www.tribe.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511201842.KAA20318>