Date: Thu, 16 Jan 1997 21:47:07 +0000 From: Brian Somers <brian@awfulhak.demon.co.uk> To: Andrew Stesin <stesin@gu.net> Cc: freebsd-hackers@freebsd.org Subject: Re: FreeBSD as an ISDN Router Message-ID: <199701162147.VAA01577@awfulhak.demon.co.uk> In-Reply-To: Your message of "Thu, 16 Jan 1997 11:05:54 %2B0200." <Pine.BSF.3.95.970116103950.3924F-100000@trifork.gu.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Dear Brian, > > On Thu, 16 Jan 1997, Brian Somers wrote: > > > The alias stuff converts *every* port number for a given interface, making > > what appears to be going on and what's actually going on into two completely > > different things. > > Would you mind explaining me please, how the stuff discussed > here differs from what IPfilter (with NAT "range-to-range" > functionality) (see http://coombs.anu.edu.au/~avalon > for details) does? It solves the same problems, but the alias code has some packet-mangling stuff built in to deal with ftp PORT commands, realaudio etc. It also manages fragments and ICMP packets. The *real* advantage is that it's not filling the tcp stack with clag, whereas ipfilter does (not that much clag, but it's "unclean"). The *real* disadvantage is that it only works for user-level ppp. The best solution (the one I'm going to tackle) is the masqd daemon sitting on top of ipfw 'divert'd packets. No kernel mods, one daemon program and it works on any interface.... wonderful ! -- Brian <brian@awfulhak.demon.co.uk>, <brian@freebsd.org> <http://www.awfulhak.demon.co.uk/>; Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701162147.VAA01577>