| Current Path : /usr/src/contrib/ipfilter/FWTK/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //usr/src/contrib/ipfilter/FWTK/README.ipfilter |
there was a patch for fwtk with ip_filter 3.1.5 from James B. Croall (thanx for his work) which I put onto fwtk 2.0beta. Now, if you decide to do transparent proxying with ip-filter you have to put -DUSE_IP_FILTER to COPTS in Makefile.config. With Solaris 2.x you have to correctly replace the path to your ip_filter sources. (lib/hnam.c needs ip_nat.h) I also patched plug-gw to be configured to accept not only one destination with the parameter "-all-destinations" in netperm-table. Perhaps this is a security hole... The patched fwtk worked fine for me with linux (kernel 2.0.28 and ipfadm 2.1) and Solaris 2.5 (ip_filter 3.1.5). If you try to enhance the transparent proxy features for other architectures, see lib/hnam.c (getdsthost). Michael Kutzner, Michael.Kutzner@paderlinx.de