> On Wed, Oct 31, 2007 at 09:53:56AM -0700, Julian Elischer wrote: > > It's possible using ipfw to mostly implement this, and with an upcoming > > change, possible to completely implement this. > > > > the "uid" function of ipfw can act as a "does there exist a socket to which > > this packet would go?" test. > > and a variant of it called "for_me" that I am adding (we use it at work) > > does this even better. > > > > so, basically, > > > > yyy: skipto xxx ip from any to-me > > yyy+1: fwd 127.0.0.1,1234 > > xxx: > > One problem with this kind of implementation is that it's impossible to > make it plug and play. Just equip mtund with script that configure virgin OS in proper way and restrict to do that when there is some non-minimal configuration, for example ipfw is not empty.
Your plug and play goal as written contradicts BSD spirits IMHO. Sorry for bad English. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
